Vulnslist

find the latest Cisco vulnerabilities

Cisco Ultra Services Framework Element Manager Insecure Default Credentials Vulnerability

cisco-sa-20170607-usf4 · Medium · Published · Updated

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in as an admin or oper user of the affected device. The vulnerability is due to weak, hard-coded credentials of the admin and oper user present on the affected device. An exploit could allow the attacker with access to the management network to log in as an admin or oper user of the affected device. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf4

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2017-6686
Cisco Bug IDsCSCvc76699
CVSS ScoreBase 6.3
Base 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X
Product Names From Source
Cisco Ultra Services Framework Element Manager

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2017-6686 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2017-6686 Cisco OpenVuln
Cisco Ultra Services Framework Element Manager CVE-2017-6686 Cisco OpenVuln
Cisco Ultra Services Framework CVE-2017-6686 Cisco OpenVuln