The Latest in IT Security

Cisco Patches Critical ‘Default Password’ Bug

14
Mar
2019

Cisco Systems is warning customers that a discovery tool for network devices can be accessed by a remote and unauthenticated attacker. The flaw could allow an adversary to log into the system and collect sensitive data tied to host operating systems and hardware.

The disclosure is part of a Cisco Security Advisory and patch (CVE-2019-1723) issued Wednesday. The vulnerability is rated critical, with a CVSS rating of 9.8.

Affected is the Cisco Common Service Platform Collector (CSPC), a tool used for discovering and collecting information from the Cisco devices installed on a network. The flaw includes a default, static password that can be accessed remotely by an unauthenticated adversary. Cisco stresses, that access to CSPC does not grant administrator privileges to an attacker.

Read More

Leave a reply


Categories

FRIDAY, MARCH 29, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments