Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 ships with an Oracle database that contains several default accounts and passwords, which allows attackers to obtain sensitive information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco CS-MARS内置帐号信息泄露漏洞
Vulnerability Description
Cisco安全监控、分析和响应系统(CS-MARS)可从各种网络设备接收事件日志,关联并分析接收到的安全问题数据,并报告发现。 CS-MARS使用Oracle数据库存储敏感网络事件和配置数据。数据库中的信息可能包括网络设备的认证凭据,如防火墙、路由器和IPS设备、以及网络安全事件的详细信息。默认下Oracle数据库包含有几个有公开口令的内置帐号,如果可以获得对数据库的访问的话,就可以使用这些帐号入侵存储在数据库中的信息。
CVSS Information
N/A
Vulnerability Type
N/A