Detections
Analytics

Cisco Catalyst 3750-X Series Switch Default Credentials Vulnerability (CSCue92286)

medium Nessus Plugin ID 70894

Language:

Synopsis

The remote device is running a vulnerable IOS version.

Description

The remote Cisco device potentially contains an issue which, due to default credentials on the Cisco Service Module, could allow a local attacker to gain unauthorized root access.

Solution

Apply the patch referenced in Cisco Bug Id CSCue92286.

See Also

http://www.nessus.org/u?fd2608be

Plugin Details

Severity: Medium

ID: 70894

File Name: cisco-sn-CSCue92286.nasl

Version: 1.6

Type: local

Family: CISCO

Published: 11/13/2013

Updated: 11/15/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:L/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Settings/ParanoidReport, Host/Cisco/IOS/Version, Host/Cisco/IOS/Model

Exploit Ease: No exploit is required

Patch Publication Date: 10/24/2013

Vulnerability Publication Date: 10/24/2013

Reference Information

CVE: CVE-2013-5522

BID: 63342

CISCO-BUG-ID: CSCue92286