PT-2016-7710 · Cisco · Cisco Ios Xr
Publicado
2016-12-07
·
Atualizado
2016-12-22
·
CVE-2016-9215
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cisco IOS XR Software version 6.1.1.BASE
Description
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user. The issue is due to a user account that has a default and static password, which an attacker could exploit by connecting to the affected system using this default account. This could allow the attacker to gain complete control of the underlying operating system.
Recommendations
For Cisco IOS XR Software version 6.1.1.BASE, update the software to remove the default and static password for the affected user account to prevent exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Ios Xr