Vulnslist

find the latest Cisco vulnerabilities

Cisco Ultra Services Framework Element Manager Insecure Default Password Vulnerability

cisco-sa-20170607-usf5 · Medium · Published · Updated

A vulnerability in Cisco Ultra Services Framework Element Manager could allow an authenticated, remote attacker with access to the management network to log in to the affected device using default credentials present on the system. The vulnerability is due to weak, hard-coded credentials present on the affected device. An exploit could allow an attacker with access to the management network to log in to the affected device using default credentials present on the system. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-usf5

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2017-6687
Cisco Bug IDsCSCvc76695
CVSS ScoreBase 6.3
Base 6.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:X/RL:X/RC:X
Product Names From Source
Cisco Ultra Services Framework Element Manager

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2017-6687 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2017-6687 Cisco OpenVuln
Cisco Ultra Services Framework Element Manager CVE-2017-6687 Cisco OpenVuln
Cisco Ultra Services Framework CVE-2017-6687 Cisco OpenVuln