CVE-2006-0181
published 2006-01-12CVE-2006-0181: Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows…
PriorityP425high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.38%
30.0th percentile
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cs-mars | — | — |
| cisco | cs-mars | — | — |
| cisco | security_monitoring_analysis_and | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
vendor_cisco·2006-01-11
CVE-2006-0181 CWE-264 Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
The Cisco Security Monitoring, Analysis and Response System (CS-MARS)
software contains a default password for an undocumented administrative
account. This password is set, without any user intervention, during
installation of the software used by CS-MARS appliances, and is the same in all
installations of the product. Users must be authenticated to the CS-MARS
command line in order to utilize the default password to access the
administrative account.
Software version 4.1.2 and earlier of CS-MARS are affected by this
vulnerability. Customers running software version 4.1.3 or higher can mitigate
the effects of this vulnerability by applying the workaround listed in this
advisory. Cisco has
Cisco
Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
vendor_cisco
CVE-2006-0181 Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
CVE-2006-0181: Default Administrative Password in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains a default password for an undocumented administrative account. This password is set, without any user intervention, during installation of the software used by CS-MARS appliances, and is the same in all installations of the product. Users must be authenticated to the CS-MARS command line in order to utilize the default password to access the administrative account. Software version 4.1.2 and earlier of CS-MARS are affected by this vulnerability. Customers running software version 4.1.3 or higher can mitigate the effects of this vulnerability by applying the workaround listed in this adviso
GHSA
GHSA-9qhm-3hv4-jxp3: Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4
ghsa_unreviewed·2022-05-01
CVE-2006-0181 [HIGH] GHSA-9qhm-3hv4-jxp3: Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/bugtraq/2006/Jan/202http://secunia.com/advisories/18424http://securityreason.com/securityalert/335http://securitytracker.com/id?1015471http://www.cisco.com/warp/public/707/cisco-sa-20060111-mars.shtmlhttp://www.osvdb.org/22346http://www.securityfocus.com/bid/16211http://www.vupen.com/english/advisories/2006/0154https://exchange.xforce.ibmcloud.com/vulnerabilities/24065http://seclists.org/bugtraq/2006/Jan/202http://secunia.com/advisories/18424http://securityreason.com/securityalert/335http://securitytracker.com/id?1015471http://www.cisco.com/warp/public/707/cisco-sa-20060111-mars.shtmlhttp://www.osvdb.org/22346http://www.securityfocus.com/bid/16211http://www.vupen.com/english/advisories/2006/0154https://exchange.xforce.ibmcloud.com/vulnerabilities/24065
2006-01-12
Published