Cisco IOS XR Software Default Credentials Vulnerability (cisco-sa-20161207-iosxr) CVE-2016-9215
- CVSSv3 Score
- Vulnerability description
A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user.
- Risk description
The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain complete control of the underlying operating system.
See the referenced vendor advisory for a solution.
- Not available