Vulnslist

find the latest Cisco vulnerabilities

Cisco Prime Network Control Systems Database Default Credentials Vulnerability

cisco-sa-20130410-ncs · High · Published · Updated

Cisco Prime Network Control System NCS appliances that are running software versions prior to 1.1.2 contain a database user account that is created with default credentials. An attacker could use this account to modify the configuration of the application or disrupt services. Cisco has released software updates that address these vulnerabilities. There is no workaround for these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-ncs

Cisco advisory ·CSAF JSON

Workarounds

There is no workaround for these vulnerabilities.

Additional mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this advisory:

http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=28796http://tools.cisco.com/security/center/viewAMBAlert.x?alertId=28796

CVEsCVE-2013-1170
Cisco Bug IDsCSCtz30468, CSCub54624
CVSS ScoreBase 7.5
Base 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C
Product Names From Source
Cisco Prime Network Control System

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2013-1170 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2013-1170 Cisco OpenVuln
Cisco Meraki MS Series Switches CVE-2013-1170 Cisco OpenVuln
Cisco Prime Network Control System CVE-2013-1170 Cisco OpenVuln
Cisco Prime Network CVE-2013-1170 Cisco OpenVuln