10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
69.1%
A vulnerability in the WIL-A module of Cisco TelePresence VX Clinical Assistant could allow an unauthenticated, remote attacker to log in as the admin user of the device using a blank password.
The vulnerability is due to a coding error that resets the password for the admin user to a blank password on every reboot. An attacker could exploit this vulnerability by logging in to the administrative interface as the admin user with a blank password.
Cisco has released software updates that address this vulnerability. This advisory is available at the following link:
CPE | Name | Operator | Version |
---|---|---|---|
cisco telepresence vx clinical assistant | eq | any | |
cisco telepresence vx clinical assistant | eq | any |