Cisco Prime Collaboration Assurance Default 'cmuser' Credentials (cisco-sa-20151209-pca)

high Nessus Plugin ID 87506

Synopsis

The remote network management device is protected by default credentials.

Description

The remote Cisco Prime Collaboration Assurance device is protected by default credentials. This is due to an undocumented account that is created during installation. A remote attacker can exploit this to log in to the system shell with the default 'cmuser' user account, and access the shell with a limited set of permissions.

Solution

Upgrade to Cisco Prime Collaboration Assurance version 11.0 or later.

Alternatively, a workaround is to change the default password for the 'cmuser' account.

See Also

http://www.nessus.org/u?28fa8c84

https://tools.cisco.com/bugsearch/bug/CSCus62707

Plugin Details

Severity: High

ID: 87506

File Name: cisco_prime_ca_cisco-sa-20151209-pca.nasl

Version: 1.21

Type: remote

Family: CISCO

Published: 12/18/2015

Updated: 11/27/2023

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.7

CVSS v2

Risk Factor: High

Base Score: 9

Temporal Score: 6.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:C

CVSS v3

Risk Factor: High

Base Score: 8.6

Temporal Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:prime_collaboration_assurance

Required KB Items: Host/Cisco/PrimeCollaborationAssurance/version

Exploit Ease: No known exploits are available

Patch Publication Date: 12/9/2015

Vulnerability Publication Date: 12/9/2015

Reference Information

CVE: CVE-2015-6389

BID: 78738

CISCO-SA: cisco-sa-20151209-pca

CISCO-BUG-ID: CSCus62707