PT-2011-2291 · Cisco · Cisco Tandberg E/Ex Personal Video Units+1

Jared Allar

Published

2011-02-03

Updated

2011-09-22

CVE-2011-0354

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Cisco Tandberg C Series Endpoints versions prior to TC4.0.0 Cisco Tandberg E and EX Personal Video units versions prior to TC4.0.0

Description The issue concerns a default configuration that sets a blank password for the root account, making it easier for remote attackers to gain access.

Recommendations For Cisco Tandberg C Series Endpoints versions prior to TC4.0.0, update to version TC4.0.0 or later to fix the issue. For Cisco Tandberg E and EX Personal Video units versions prior to TC4.0.0, update to version TC4.0.0 or later to fix the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-255

Related Identifiers

CVE-2011-0354

Affected Products

Cisco Tandberg C Series Endpoints

Cisco Tandberg E/Ex Personal Video Units

PT-2011-2291 · Cisco · Cisco Tandberg E/Ex Personal Video Units+1

CVE-2011-0354

Weakness Enumeration

Related Identifiers

Affected Products

References · 10