HomePentest-Tools.com Logo

Cisco Intercloud Fabric Database Static Credentials Vulnerability CVE-2016-9217

Severity
CVSSv3 Score
8.8
Vulnerability description

A vulnerability in Cisco Intercloud Fabric for Business and Cisco Intercloud Fabric for Providers could allow an unauthenticated, remote attacker to connect to the database used by these products.

Risk description

The vulnerability occurs because the database account uses static credentials. Note that this database contains only internal objects used by the application. The database does not contain other credentials. Please note that this product has entered the end-of-sale and end-of-life process. An attacker could exploit this vulnerability by using these credentials to connect to the database. The contents of the database can then be examined or modified.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 26, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available