Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected device. A successful exploit could allow the attacker to log in to the device with privilege level 15 access. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software Release 16.x. This vulnerability does not affect Cisco IOS XE Software releases prior to Release 16.x. Cisco Bug IDs: CSCve89880.
CVSS Information
N/A
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Cisco IOS XE Software 安全漏洞
Vulnerability Description
Cisco IOS XE Software是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XE Software 16.x版本中存在安全漏洞,该漏洞源于拥有15级别特权的账户使用了默认的用户名和密码。远程攻击者可借助该账户利用该漏洞以15级别特权登录设备。
CVSS Information
N/A
Vulnerability Type
N/A