CVE-2011-2555
published 2011-08-29CVE-2011-2555: Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote…
PriorityP354critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
3.37%
87.2th percentile
Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | telepresence_e20_software | <= te4.1.1-cucm | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_e20_software | — | — |
| cisco | telepresence_recording_server_default_credentials_for_root_account | — | — |
| cisco | telepresence_recording_server_software | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Cisco
Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability
vendor_cisco
CVE-2011-2555 Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability
CVE-2011-2555: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability
Cisco TelePresence Recording Server Software Release 1.7.2.0 includes a root administrator account that is enabled by default. Successful exploitation of the vulnerability could allow a remote attacker to use these default credentials to modify the system configuration and settings. A workaround exists to mitigate this vulnerability. Cisco has released software updates that address this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110729-tp .
Bug IDs: CSCtr76182
GHSA
GHSA-7cfx-84cc-74rq: Cisco TelePresence Recording Server 1
ghsa_unreviewed·2022-05-17
CVE-2011-2555 [HIGH] GHSA-7cfx-84cc-74rq: Cisco TelePresence Recording Server 1
Cisco TelePresence Recording Server 1.7.2.x before 1.7.2.1 has a default password for the root administrator account, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtr76182.
GHSA
GHSA-8hc9-7v2m-wf28: Cisco TelePresence Software before TE 4
ghsa_unreviewed·2022-05-17·CVSS 10.0
CVE-2011-4659 [CRITICAL] GHSA-8hc9-7v2m-wf28: Cisco TelePresence Software before TE 4
Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://securitytracker.com/id?1025872http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8ad3f.shtmlhttp://www.securityfocus.com/bid/48932https://exchange.xforce.ibmcloud.com/vulnerabilities/68887http://securitytracker.com/id?1025872http://www.cisco.com/en/US/products/products_security_advisory09186a0080b8ad3f.shtmlhttp://www.securityfocus.com/bid/48932https://exchange.xforce.ibmcloud.com/vulnerabilities/68887
2011-08-29
Published