HomePentest-Tools.com Logo

Cisco IOS XR Software Default Credentials Vulnerability (cisco-sa-20161207-iosxr) CVE-2016-9215

Severity
CVSSv3 Score
7.8
Vulnerability description

A vulnerability in Cisco IOS XR Software could allow an authenticated, local attacker to log in to the device with the privileges of the root user.

Risk description

The vulnerability is due to a user account that has a default and static password. An attacker could exploit this vulnerability by connecting to the affected system using this default account. An exploit could allow the attacker to log in with the default credentials, allowing the attacker to gain complete control of the underlying operating system.

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Dec 14, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available