Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4659

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-4659
Last Modified 10 Feb 2012 12:00:00
Published 19 Jan 2012 10:55:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-4659

Summary

Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.

Vulnerable Systems

Application

  • Cisco Telepresence E20 Software Te2.2

  • Cisco Telepresence E20 Software Te2.2.1

  • Cisco Telepresence E20 Software Te4.0.0

  • Cisco Telepresence E20 Software Te4.1.0

  • Cisco Telepresence E20 Software Te4.1.1

  • Cisco Telepresence E20 Software Te4.1.1-cucm

  • Cisco Telepresence E20 Software Tenc4.0.0

  • Cisco Telepresence E20 Software Tenc4.1.0

  • Cisco Telepresence E20 Software Tenc4.1.1

  • Cisco Telepresence E20 Software Tenc4.1.1-cucm


References

CISCO - 20120118 Cisco IP Video Phone E20 Default Root Account


Last Updated: 27 May 2016 10:42:30