CVE-2020-3180

A vulnerability in Cisco SD-WAN Solution Software could allow an unauthenticated, local attacker to access an affected device by using an account that has a default, static password. This account has root privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to an affected system by using this account. A successful exploit could allow the attacker to log in by using this account with root privileges.

Severity	HIGH
CVSS	7.8
CWE	CWE-264
KEV
Published	5 years ago
Modified	1 year ago

Related Products

Product	Advisory	Evidence
Cisco SD-WAN vManage	cisco-sa-sdscred-HfWWfqBj	Cisco OpenVuln
Cisco SD-WAN vEdge Router	cisco-sa-sdscred-HfWWfqBj	Cisco OpenVuln
Cisco SD-WAN Solution	cisco-sa-sdscred-HfWWfqBj	Cisco OpenVuln
Cisco Catalyst SD-WAN Manager	cisco-sa-sdscred-HfWWfqBj	Cisco OpenVuln
Cisco Catalyst SD-WAN	cisco-sa-sdscred-HfWWfqBj	Cisco OpenVuln