Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco vWAAS for Cisco ENCS 5400-W Series and CSP 5000-W Series Default Credentials Vulnerability
Vulnerability Description
A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS CLI of an affected device by using accounts that have a default, static password. The vulnerability exists because the affected software has user accounts with default, static passwords. An attacker with access to the NFVIS CLI of an affected device could exploit this vulnerability by logging into the CLI. A successful exploit could allow the attacker to access the NFVIS CLI with administrator privileges.
CVSS Information
N/A
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
Cisco ENCS 5400-W Series和CSP 5000-W Series 信任管理问题漏洞
Vulnerability Description
Cisco Enterprise NFV Infrastructure Software(NFVIS)是美国思科(Cisco)公司的一套NVF基础架构软件平台。该平台可以通过中央协调器和控制器实现虚拟化服务的全生命周期管理。 Cisco ENCS 5400-W Series和CSP 5000-W Series中的Virtual Wide Area Application Services (vWAAS)(带有NFVIS捆绑的镜像)存在信任管理问题漏洞,该漏洞源于用户账户使用了默认的静态密码。攻击者可借助该
CVSS Information
N/A
Vulnerability Type
N/A