Lucene search

[email protected]CVE-2011-0354

HistoryFeb 03, 2011 - 4:00 p.m.

CVE-2011-0354

2011-02-0316:00:02

CWE-255

[email protected]

web.nvd.nist.gov

cisco

tandberg

cve-2011-0354

security

remote access

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.051 Low

EPSS

Percentile

93.0%

JSON

The default configuration of Cisco Tandberg C Series Endpoints, and Tandberg E and EX Personal Video units, with software before TC4.0.0 has a blank password for the root account, which makes it easier for remote attackers to obtain access via an unspecified login method.

Affected configurations

NVD

Node

ciscotandberg_endpointRange≤tc3.1.3

ciscotandberg_endpointMatchtc2.1.2

ciscotandberg_endpointMatchtc3.0.0

ciscotandberg_endpointMatchtc3.1.0

ciscotandberg_endpointMatchtc3.1.1

ciscotandberg_endpointMatchtc3.1.2

AND

ciscotandberg_endpointMatchc20

ciscotandberg_endpointMatchc40

ciscotandberg_endpointMatchc60

ciscotandberg_endpointMatchc90

Node

ciscotandberg_personal_video_unit_softwareRange≤tc3.1.3

ciscotandberg_personal_video_unit_softwareMatchtc3.1.0

ciscotandberg_personal_video_unit_softwareMatchtc3.1.1

ciscotandberg_personal_video_unit_softwareMatchtc3.1.2

AND

ciscotandberg_personal_video_unitMatchex90

Node

ciscotandberg_personal_video_unit_softwareRange≤te2.2.1

ciscotandberg_personal_video_unit_softwareMatchte1.0.1

ciscotandberg_personal_video_unit_softwareMatchte2.2.0

AND

ciscotandberg_personal_video_unitMatche20

Node

ciscotandberg_personal_video_unit_softwareMatchtc3.1.2

AND

ciscotandberg_personal_video_unitMatchex60

CPENameOperatorVersion
cisco:tandberg_endpointcisco tandberg endpointletc3.1.3
cisco:tandberg_endpointcisco tandberg endpointeqtc2.1.2
cisco:tandberg_endpointcisco tandberg endpointeqtc3.0.0
cisco:tandberg_endpointcisco tandberg endpointeqtc3.1.0
cisco:tandberg_endpointcisco tandberg endpointeqtc3.1.1
cisco:tandberg_endpointcisco tandberg endpointeqtc3.1.2
cisco:tandberg_endpointcisco tandberg endpointeqc20
cisco:tandberg_endpointcisco tandberg endpointeqc40
cisco:tandberg_endpointcisco tandberg endpointeqc60
cisco:tandberg_endpointcisco tandberg endpointeqc90

CPE	Name	Operator	Version
cisco:tandberg_endpoint	cisco tandberg endpoint	le	tc3.1.3
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	tc2.1.2
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	tc3.0.0
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	tc3.1.0
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	tc3.1.1
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	tc3.1.2
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	c20
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	c40
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	c60
cisco:tandberg_endpoint	cisco tandberg endpoint	eq	c90