CVE-2018-0222

CWE-798Hard-coded Credentials4 documents4 sources
Severity
10.0CRITICAL
EPSS
1.8%
top 17.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Digital Network Architecture Center
Timeline
PublishedMay 17
Latest updateMay 13

Description

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by using an administrative account that has default, static user credentials. The vulnerability is due to the presence of undocumented, static user credentials for the default administrative account for the affected software. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could a

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 3.9 | Impact: 6.0

Affected Packages2 packages

CVEListV5cisco_digital_network_architecture_centerCisco Digital Network Architecture Center

🔴Vulnerability Details

2
GHSA
GHSA-rr45-pqf5-hmrg: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by2022-05-13
CVEList
CVE-2018-0222: A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to log in to an affected system by2018-05-17

📋Vendor Advisories

1
Cisco
Cisco Digital Network Architecture Center Static Credentials Vulnerability2018-05-16
CVE-2018-0222 (CRITICAL CVSS 10) | A vulnerability in Cisco Digital Ne | cvebase.io