First published: Fri Nov 06 2015(Updated: )
The default configuration of sshd_config in Cisco Mobility Services Engine (MSE) through 8.0.120.7 allows logins by the oracle account, which makes it easier for remote attackers to obtain access by entering this account's hardcoded password in an SSH session, aka Bug ID CSCuv40501.
Credit: ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Mobility Services Engine | =5.1_base | |
Cisco Mobility Services Engine | =5.2_base | |
Cisco Mobility Services Engine | =6.0_base | |
Cisco Mobility Services Engine | =7.0_base | |
Cisco Mobility Services Engine | =7.4.100.0 | |
Cisco Mobility Services Engine | =7.4.110.0 | |
Cisco Mobility Services Engine | =7.4.121.0 | |
Cisco Mobility Services Engine | =7.4_base | |
Cisco Mobility Services Engine | =7.5.102.101 | |
Cisco Mobility Services Engine | =7.6.100.0 | |
Cisco Mobility Services Engine | =7.6.120.0 | |
Cisco Mobility Services Engine | =7.6.132.0 | |
Cisco Mobility Services Engine | =8.0\(110.0\) | |
Cisco Mobility Services Engine | =8.0_base |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.