Cisco TANDBERG C Series And E/EX Series Default Credentials Authentication Bypass Vulnerability Network Vulnerability

Summary

Cisco TANDBERG C Series Endpoints and E/EX Series Personal Video devices are prone to a remote authentication-bypass vulnerability. An attacker can exploit this issue to gain unauthorized root access to the affected devices. Successful exploits will result in the complete compromise of the affected device.

Solution

The vendor has released an advisory along with fixes. Please see the referenced advisory for more information.

References

http://www.cisco.com/en/US/products/ps11422/products_security_advisory09186a0080b69541.shtml
http://www.kb.cert.org/vuls/id/436854
http://www.securityfocus.com/archive/1/516126
http://www.securityfocus.com/bid/46107
http://www.tandberg.com/support/video-conferencing-software-download.jsp?t=2

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-0354

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

PostgreSQL no password
Dlink DIR Multiple Devices Default Login
HP IP Console Switch KVM Default Login
Xerox Printer Default Account Authentication Bypass Vulnerability
Default password (admin) for Linksys Router

Cisco TANDBERG C Series and E/EX Series Default Credentials Authentication Bypass Vulnerability

Take action and discover your vulnerabilities