PT-2007-3615 · Cisco+1 · Cisco Network Services (Cns) Netflow Collection Engine+1

Publicado

2007-04-26

Atualizado

2017-07-29

CVE-2007-2282

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Network Services (CNS) NetFlow Collection Engine (NFC) versions prior to 6.0

Description The issue allows remote attackers to modify the product configuration. When installed on Linux, it also allows attackers to obtain login access to the host operating system. This is due to an nfcuser account with a default password.

Recommendations For versions prior to 6.0, change the default password of the nfcuser account to prevent unauthorized access. As a temporary workaround, consider restricting access to the NFC service until the default password is changed.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2007-2282

Produtos afetados

Cisco Network Services (Cns) Netflow Collection Engine

Linux

PT-2007-3615 · Cisco+1 · Cisco Network Services (Cns) Netflow Collection Engine+1

CVE-2007-2282

Identificadores relacionados

Produtos afetados

Referências · 8