Vulnerabilities > CVE-2015-0924 - Credentials Management vulnerability in Ceragon Fiberair Ip-10C, Fiberair Ip-10E and Fiberair Ip-10G

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

ceragon

CWE-255

NVD

Published: 2015-01-17

Updated: 2017-05-27

Summary

Ceragon FibeAir IP-10 bridges have a default password for the root account, which makes it easier for remote attackers to obtain access via a (1) HTTP, (2) SSH, (3) TELNET, or (4) CLI session.

Vulnerable Configurations

Part	Description	Count
Hardware	Ceragon Ceragon Fiberair IP 10G - Ceragon Fiberair IP 10E - Ceragon Fiberair IP 10C -	3

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

Packetstorm

data source	https://packetstormsecurity.com/files/download/131259/ceragonfibeair-disclose.txt
id	PACKETSTORM:131259
last seen	2016-12-05
published	2015-04-02
reporter	Tod Beardsley
source	https://packetstormsecurity.com/files/131259/Ceragon-FibeAir-IP-10-SSH-Private-Key-Exposure.html
title	Ceragon FibeAir IP-10 SSH Private Key Exposure

References

http://www.kb.cert.org/vuls/id/936356