Cisco Elastic Services Controller Insecure Default Password Vulnerability

2017-06-07T16:00:00
ID CISCO-SA-20170607-ESC4
Type cisco
Reporter Cisco
Modified 2017-06-06T16:39:26

Description

A vulnerability in Cisco Elastic Services Controllers could allow an authenticated, remote attacker to log in to an affected system as the Linux root user.

The vulnerability is due to the existence of a default, weak, hard-coded password for the Linux root user of an affected system. A successful exploit could allow the attacker to log in to the affected system as the Linux root user and perform actions associated with the privileges of the root user.

There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esc4 ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170607-esc4"]