The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) up to and including 8.0.120.7 allows logins by the oracle account, which makes it easier for remote malicious users to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cisco mobility services engine 7.6.132.0 |
||
cisco mobility services engine 8.0_base |
||
cisco mobility services engine 8.0\\(110.0\\) |
||
cisco mobility services engine 7.0_base |
||
cisco mobility services engine 7.4_base |
||
cisco mobility services engine 7.4.100.0 |
||
cisco mobility services engine 7.4.110.0 |
||
cisco mobility services engine 5.1_base |
||
cisco mobility services engine 6.0_base |
||
cisco mobility services engine 7.4.121.0 |
||
cisco mobility services engine 7.6.100.0 |
||
cisco mobility services engine 5.2_base |
||
cisco mobility services engine 7.5.102.101 |
||
cisco mobility services engine 7.6.120.0 |
Vulmon