PT-2017-17242 · Cisco · Cisco Ultra Services Framework Element Manager

Published

2017-06-13

Updated

2019-10-03

CVE-2017-6686

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cisco Ultra Services Framework Element Manager version 21.0.0

Description A vulnerability exists that could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device. This issue is related to insecure default credentials.

Recommendations For version 21.0.0, change the default credentials to secure ones to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1188

Related Identifiers

CVE-2017-6686

Affected Products

Cisco Ultra Services Framework Element Manager

PT-2017-17242 · Cisco · Cisco Ultra Services Framework Element Manager

CVE-2017-6686

Weakness Enumeration

Related Identifiers

Affected Products

References · 4