Cisco Prime Network Control System Default Credentials (cisco-sa-20130410-ncs)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

One or more accounts on the remote host use a default password.

Description :

According to its self-reported version, the remote host is running a
release of Cisco Prime Network Control System prior to 1.1.2. As
such, it reportedly has the following vulnerabilities :

- The 'oracle' user account is secured with an unspecified,
default password. (CSCtz30468)

- The 'wcsdba' Oracle database account is secured with a
default password of 'wcs123'. (CSCub54624)

A remote, unauthenticated attacker could exploit this to log into the
system and change its configuration or disrupt services.

See also :

Solution :

Upgrade to Cisco Prime Network Control System version 1.1.2 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 66861 ()

Bugtraq ID: 59013

CVE ID: CVE-2013-1170

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now