CVE-2007-4746

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-4746
The Cisco Video Surveillance IP Gateway Encoder/Decoder (Standalone and Module) firmware 1.8.1 and earlier, Video Surveillance SP/ISP Decoder Software firmware 1.11.0 and earlier, and the Video Surveillance SP/ISP firmware 1.23.7 and earlier have default passwords for the sypixx and root user accounts, which allows remote attackers to perform administrative actions, aka CSCsj34681.

9.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 8.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://osvdb.org/37502
http://secunia.com/advisories/26721 Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml Vendor Advisory
http://www.securityfocus.com/bid/25549
http://www.securitytracker.com/id?1018655
http://www.vupen.com/english/advisories/2007/3061
https://exchange.xforce.ibmcloud.com/vulnerabilities/36451
http://osvdb.org/37502
http://secunia.com/advisories/26721 Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml Vendor Advisory
http://www.securityfocus.com/bid/25549
http://www.securitytracker.com/id?1018655
http://www.vupen.com/english/advisories/2007/3061
https://exchange.xforce.ibmcloud.com/vulnerabilities/36451
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:video_surveillance_ip_gateway_encoder_decoder:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:video_surveillance_sp_isp_decoder_software:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:video_surveillance_sp_isp:*:*:*:*:*:*:*:*
History

21 Nov 2024, 00:36

Type Values Removed Values Added
References () http://osvdb.org/37502 - () http://osvdb.org/37502 -
References () http://secunia.com/advisories/26721 - Vendor Advisory () http://secunia.com/advisories/26721 - Vendor Advisory
References () http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml - Vendor Advisory () http://www.cisco.com/en/US/products/products_security_advisory09186a00808b4d38.shtml - Vendor Advisory
References () http://www.securityfocus.com/bid/25549 - () http://www.securityfocus.com/bid/25549 -
References () http://www.securitytracker.com/id?1018655 - () http://www.securitytracker.com/id?1018655 -
References () http://www.vupen.com/english/advisories/2007/3061 - () http://www.vupen.com/english/advisories/2007/3061 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/36451 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/36451 -
Information

Published : 2007-09-06 22:17

Updated : 2024-11-21 00:36

NVD link : CVE-2007-4746

Mitre link : CVE-2007-4746

CVE.ORG link : CVE-2007-4746

JSON object : View

Products Affected

cisco

  • video_surveillance_sp_isp
  • video_surveillance_sp_isp_decoder_software
  • video_surveillance_ip_gateway_encoder_decoder
CWE
CWE-264

Permissions, Privileges, and Access Controls