Cisco VG248 Login Password Is Blank Network Vulnerability

Summary

The remote host is a Cisco VG248 with a blank password. The Cisco VG248 does not have a password set and allows direct access to the configuration interface. An attacker could telnet to the Cisco unit and reconfigure it to lock the owner out as well as completely disable the phone system.

Solution

Telnet to this unit and at the configuration interface: Choose Configure-> and set the login and enable passwords. If possible, in the future do not use telnet since it is an insecure protocol.

Severity

Classification

CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability
Cisco VG248 login password is blank
Cisco Prime LAN Management Solution Remote Command Execution Vulnerability
Cisco IOS XR Software Fragmented Packets Processing Denial of Service Vulnerability
CISCO Secure ACS Management Interface Login Overflow

Take action and discover your vulnerabilities