Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2011-0354

Published: 03/02/2011 Updated: 22/09/2011
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote malicious users to obtain access via an unspecified login method.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco tandberg endpoint

cisco tandberg endpoint tc2.1.2

cisco tandberg endpoint tc3.0.0

cisco tandberg endpoint tc3.1.0

cisco tandberg endpoint tc3.1.1

cisco tandberg endpoint tc3.1.2

cisco tandberg endpoint c20

cisco tandberg endpoint c40

cisco tandberg endpoint c60

cisco tandberg endpoint c90

cisco tandberg personal video unit software

cisco tandberg personal video unit software tc3.1.0

cisco tandberg personal video unit software tc3.1.1

cisco tandberg personal video unit software tc3.1.2

cisco tandberg personal video unit ex90

cisco tandberg personal video unit software te1.0.1

cisco tandberg personal video unit software te2.2.0

cisco tandberg personal video unit e20

cisco tandberg personal video unit ex60

Vendor Advisories

Cisco: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints
Tandberg C Series Endpoints and E/EX Personal Video units that are running software versions prior to TC400 ship with a root administrator account that is enabled by default with no password An attacker could use this account in order to modify the application configuration or operating system settings Resolving this default p ...

Exploits

Exploit DB: Tandberg E & EX & C Series Endpoints - Default Root Account Credentials
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints Advisory ID: cisco-sa-20110202-tandberg Revision 10 For Public Release 2011 February 2 1600 UTC (GMT) +--------------------------------------------------------------------- Summary ======= Ta ...

References

CWE-255http://tools.cisco.com/security/center/viewAlert.x?alertId=22314http://www.securityfocus.com/bid/46107http://securitytracker.com/id?1025017http://www.exploit-db.com/exploits/16100http://www.cisco.com/en/US/products/ps11422/products_security_advisory09186a0080b69541.shtmlhttp://www.kb.cert.org/vuls/id/436854http://secunia.com/advisories/43158http://securityreason.com/securityalert/8060https://nvd.nist.govhttps://www.exploit-db.com/exploits/16100/http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110202-tandberghttps://www.kb.cert.org/vuls/id/436854
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692malicious code‎XML injectionCVE-2024-28020CVE-2024-35252CVE-2024-5833CVE-2024-30066injectionCVE-2024-23282
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook