PT-2016-4703 · Cisco+1 · Cisco Ucs Invicta C3124Sa Appliance+2
Publicado
2016-04-06
·
Atualizado
2016-12-03
·
CVE-2016-1313
CVSS v3.1
10
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco UCS Invicta C3124SA Appliance versions 4.3.1 through 5.0.1
UCS Invicta Scaling System and Appliance (affected versions not specified)
Whiptail Racerunner (affected versions not specified)
Description
The issue is related to the improper storage of a default SSH private key, allowing remote attackers to obtain root access.
Recommendations
For Cisco UCS Invicta C3124SA Appliance versions 4.3.1 through 5.0.1, update to a version outside of this range to resolve the issue.
For UCS Invicta Scaling System and Appliance, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Whiptail Racerunner, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Ucs Invicta C3124Sa Appliance
Ucs Invicta Scaling System/Appliance
Whiptail Racerunner