Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3290

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-3290
Last Modified 05 Oct 2011 10:50:56
Published 21 Sep 2011 12:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-3290

Summary

Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135.

Vulnerable Systems

Application

  • Cisco Identity Services Engine Software 1.0

  • Cisco Identity Services Engine Software 1.0.4

  • Cisco Identity Services Engine Software 1.0mr


References

XF - cisco-ise-default-credentials(69945)

SECTRACK - 1026075

BID - 49703

CISCO - 20110920 Cisco Identity Services Engine Database Default Credentials Vulnerability

SECUNIA - 46061


Last Updated: 27 May 2016 10:57:41