Cisco TANDBERG C Series And E/EX Series Default Credentials Authentication Bypass Vulnerability Network Vulnerability

Summary

Cisco TANDBERG C Series Endpoints and E/EX Series Personal Video devices are prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to gain unauthorized root access to the affected devices. Successful exploits will result in the complete compromise of the affected device.

Solution

The vendor has released an advisory along with fixes. Please see the referenced advisory for more information.

References

http://www.cisco.com/en/US/products/ps11422/products_security_advisory09186a0080b69541.shtml
http://www.kb.cert.org/vuls/id/436854
http://www.securityfocus.com/archive/1/516126
http://www.securityfocus.com/bid/46107
http://www.tandberg.com/support/video-conferencing-software-download.jsp?t=2

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0354
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Multiple IP Video/Camera Server Web Interface Default Admin Credentials
Default password 'forgot' for account 'user'
Aastra OpenCom 1000 Default Login
Default password (ibmdb2) for db2inst1
OpenMediaVault Default Admin Credentials

Cisco TANDBERG C Series and E/EX Series Default Credentials Authentication Bypass Vulnerability

Take action and discover your vulnerabilities