CVE-2012-4088

The FTP server in Cisco Unified Computing System (UCS) has a hardcoded password for an unspecified user account, which makes it easier for remote attackers to read or modify files by leveraging knowledge of this password, aka Bug ID CSCtg20769.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:A/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 5.5 / Impact : 4.9

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://secunia.com/advisories/54682
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-4088	Vendor Advisory
http://www.securitytracker.com/id/1029102	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:h:cisco:unified_computing_system:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2013-09-26 14:16

Updated : 2024-02-04 18:16

NVD link : CVE-2012-4088

Mitre link : CVE-2012-4088

CVE.ORG link : CVE-2012-4088

JSON object : View

Products Affected

cisco

unified_computing_system

CWE

CWE-255

Credentials Management Errors

4.3 /10