Vulnerabilities > CVE-2011-3290 - Credentials Management vulnerability in Cisco products

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

cisco

CWE-255

NVD

Published: 2011-09-21

Updated: 2024-11-21

Summary

Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135.

Vulnerable Configurations

Part	Description	Count
Hardware	Cisco Cisco Identity Services Engine *	1
Application	Cisco Cisco Identity Services Engine Software - Cisco Identity Services Engine Software 1.0 Cisco Identity Services Engine Software 1.0Mr	3

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://secunia.com/advisories/46061
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95105.shtml
http://www.securityfocus.com/bid/49703
http://www.securitytracker.com/id?1026075
https://exchange.xforce.ibmcloud.com/vulnerabilities/69945
http://secunia.com/advisories/46061
https://exchange.xforce.ibmcloud.com/vulnerabilities/69945
http://www.securitytracker.com/id?1026075
http://www.securityfocus.com/bid/49703
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95105.shtml