Hardcoded password in Cisco software could be used to gain control of systems

Full Article :

BetaNews - https://betanews.com/2018/03/08/hardcoded-cisco-password-vulnerability/

Cisco’s Prime Collaboration Provisioning (PCP) software has a hardcoded password that could be used by an attacker to gain full control of a system. The company even says that “extenuating circumstances” exist that could enable an attacker to elevate privileges to root. The vulnerability (CVE-2018-0141) affects version 11.6 of the software. A patch has been made available, and users are encouraged to install it as soon as possible as there are no other workarounds. Cisco explains that the problem is fixed in Prime Collaboration Provisioning Software Releases 12.1 and later, and says that it was detected during “internal security testing.”…

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: