Vulnerabilities > CVE-2011-2024 - Credentials Management vulnerability in Cisco CNS Network Registrar
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Cisco Network Registrar before 7.2 has a default administrative password, which makes it easier for remote attackers to obtain access via a TCP session, aka Bug ID CSCsm50627.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | Bugtraq ID: 48076 CVE ID:CVE-2011-2024 Cisco CNS Network Registrar提供高可扩展性和可靠性的DNS, DHCP和TFTP服务。 Cisco Network Registrar包含一个使用默认密码的管理员账户,攻击者可以利用此漏洞以管理员特权更改Cisco Network Registrar的设置 Cisco CNS Network Registrar 7.1 Cisco CNS Network Registrar 7.0 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息: http://www.cisco.com/warp/public/707/cisco-sa-20110601-cnr.shtml |
| id | SSV:20605 |
| last seen | 2017-11-19 |
| modified | 2011-06-04 |
| published | 2011-06-04 |
| reporter | Root |
| title | Cisco CNS Network Registrar默认验证信息验证绕过漏洞 |