Vulnslist

find the latest Cisco vulnerabilities

Cisco Ultra Services Framework Staging Server Insecure Default Credentials Vulnerability

cisco-sa-20170607-usf3 · Medium · Published · Updated

A vulnerability in Cisco Ultra Services Framework Staging Server could allow an authenticated, remote attacker with access to the management network to log in as an admin user of the affected device. The vulnerability is due to weak, hard-coded credentials of the admin user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin user of the affected device. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf3

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2017-6685
Cisco Bug IDsCSCvc76681
CVSS ScoreBase 6.3
Base 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X
Product Names From Source
Cisco Ultra Services Framework Staging Server

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2017-6685 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2017-6685 Cisco OpenVuln
Cisco Ultra Services Framework Staging Server CVE-2017-6685 Cisco OpenVuln
Cisco Ultra Services Framework CVE-2017-6685 Cisco OpenVuln