Cisco Prime Network Control Systems Database Credentials Vulnerability

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-37661	2013-A-0092	SV-49423r2_rule	ECMT-1 ECMT-2 VIVM-1	High

Description
Cisco has released a security advisory to address a system database credentials vulnerability in Cisco Prime Network Control System (NCS). Cisco Prime Network Control Systems provides converged access as well as user and identity management across wired and wireless networks. To exploit this vulnerability, an attacker would interact with an affected system, using default credentials. If successfully exploited, this vulnerability would allow an unauthorized remote attacker to modify the device configuration and settings or disrupt services. <BR/><BR/> At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

Description

Cisco has released a security advisory to address a system database credentials vulnerability in Cisco Prime Network Control System (NCS). Cisco Prime Network Control Systems provides converged access as well as user and identity management across wired and wireless networks. To exploit this vulnerability, an attacker would interact with an affected system, using default credentials. If successfully exploited, this vulnerability would allow an unauthorized remote attacker to modify the device configuration and settings or disrupt services. <BR/><BR/> At this time, there are no known exploits associated with this vulnerability; USCYBERCOM is not aware of any DoD related incidents.

STIG	Date
VMware ESXi Server 5.0 Security Technical Implementation Guide	2013-09-12

Details

Check Text ( None )
None

Fix Text (None)
None