CVE-2011-1623

Current Description

Cisco Media Processing Software before 1.2 on Media Experience Engine (MXE) 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via (1) the local console, (2) an SSH session, or (3) a TELNET session, aka Bug ID CSCto77737.

Basic Data

PublishedJune 02, 2011
Last ModifiedAugust 17, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-255
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score10.0
SeverityHIGH
Exploitability Score10.0
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3ApplicationCiscoMedia Processing Software1.0.0*******
      2.3ApplicationCiscoMedia Processing Software1.0.1*******
      2.3ApplicationCiscoMedia Processing Software1.1.0*******
      2.3ApplicationCiscoMedia Processing Software1.1.1*******
      2.3ApplicationCiscoMedia Processing Software********1.1.3
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareCiscoMedia Experience Engine 5600********

Vulnerable Software List

VendorProductVersions
Cisco Media Processing Software *, 1.0.0, 1.0.1, 1.1.0, 1.1.1
Cisco Media Experience Engine 5600 *

References

NameSourceURLTags
72721http://osvdb.org/72721OSVDB
20110601 Default Credentials for root Account on the Cisco Media Experience Engine 5600http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80122.shtmlCISCOVendor Advisory
48078http://www.securityfocus.com/bid/48078BID
1025590http://www.securitytracker.com/id?1025590SECTRACK
cisco-mxe-default-password(67760)https://exchange.xforce.ibmcloud.com/vulnerabilities/67760XF