CVE-2015-0924

Name of the Vulnerable Software and Affected Versions Ceragon FibeAir IP-10 bridges (affected versions not specified)

Description The issue concerns a default password for the root account in Ceragon FibeAir IP-10 bridges, making it easier for remote attackers to gain access. Attackers can obtain access via various sessions, including (1) HTTP, (2) SSH, (3) TELNET, or (4) CLI.

Recommendations For Ceragon FibeAir IP-10 bridges, change the default password for the root account to a strong, unique password to prevent unauthorized access. As a temporary workaround, consider restricting access to the HTTP, SSH, TELNET, and CLI sessions until the default password issue is resolved. Restrict access to the root account to minimize the risk of exploitation.