CVE-2015-2909

Name of the Vulnerable Software and Affected Versions: Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 devices (affected versions not specified)

Description: The issue arises because the devices rely on a GUI warning to ensure administrators configure login credentials. This makes it easier for remote attackers to obtain access in situations where the warning was not heeded. The vendor notes that clear warnings are presented on the GUI to set usernames and passwords.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.