Cisco Aironet Active Sensor Static Credentials Vulnerability

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account. Versions prior to DNAC1.2.8 are affected.

N/A

使用硬编码的凭证

Cisco Aironet Active Sensor 信任管理问题漏洞

Cisco Aironet Active Sensor是美国思科（Cisco）公司的一款有源无线网络传感器。该产品主要用于监控无线网络性能。 Cisco Aironet Active Sensor中的默认配置存在安全漏洞，该漏洞源于默认的本地账户使用了静态密码。远程攻击者可通过猜测账户名及密码利用该漏洞造成拒绝服务。

N/A

N/A