Vulnerabilities > CVE-2013-5558 - Credentials Management vulnerability in Cisco Telepresence VX Clinical Assistant 1.2
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | Misc. |
| NASL id | CISCO_CCA_BLANK_PASSWORD.NASL |
| description | Cisco TelePresence VX Clinical Assistant is affected by a password reset vulnerability. The WIL-A module causes the administrative password to be reset to a blank password every time the device is rebooted. This plugin attempts to authenticate to the device using the username |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 70940 |
| published | 2013-11-18 |
| reporter | This script is Copyright (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/70940 |
| title | Cisco TelePresence VX Clinical Assistant WIL-A Module Reboot Admin Password Removal |