CVE-2013-3454
critical
Cisco CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
0.8%
Exploitation probability in 30 days
Top 25% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Vulnerability Report
Generated by CyberWatcher
Description
Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.
CWE
CWE-255Affected Products
cisco telepresence system tx9000cisco telepresence system tx9200cisco telepresence system softwarecisco telepresence system 1300cisco telepresence system 1300-65cisco telepresence system 3000cisco telepresence system 3010cisco telepresence system 3200cisco telepresence system 3210cisco telepresence system 500-32