CVE-2014-0709Cisco UCS Director vulnerability

CWE-2554 documents4 sources
Severity
9.3CRITICALNVD
EPSS
0.5%
top 35.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco UCS Director
Timeline
PublishedFeb 22
Latest updateMay 17

Description

Cisco UCS Director (formerly Cloupia) before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDcisco/ucs_director4.0.0.2+2

🔴Vulnerability Details

2
GHSA
GHSA-r7vj-ghvm-j3pp: Cisco UCS Director (formerly Cloupia) before 42022-05-17
CVEList
CVE-2014-0709: Cisco UCS Director (formerly Cloupia) before 42014-02-22

📋Vendor Advisories

1
Cisco
Cisco UCS Director Default Credentials Vulnerability2014-02-20
CVE-2014-0709 — Cisco UCS Director vulnerability | cvebase