CVE-2007-2282

2007-04-2619:19:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.8

Confidence

Low

EPSS

0.02

Percentile

88.9%

JSON

Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system.

Affected configurations

Nvd

Node

cisconetflow_collection_engineMatch1.0

cisconetflow_collection_engineMatch2.0

cisconetflow_collection_engineMatch3.0

cisconetflow_collection_engineMatch3.5

cisconetflow_collection_engineMatch3.6

cisconetflow_collection_engineMatch4.0

cisconetflow_collection_engineMatch5.0

cisconetflow_collection_engineMatch5.0.3

VendorProductVersionCPE
cisconetflow_collection_engine1.0cpe:2.3:a:cisco:netflow_collection_engine:1.0:*:*:*:*:*:*:*
cisconetflow_collection_engine2.0cpe:2.3:a:cisco:netflow_collection_engine:2.0:*:*:*:*:*:*:*
cisconetflow_collection_engine3.0cpe:2.3:a:cisco:netflow_collection_engine:3.0:*:*:*:*:*:*:*
cisconetflow_collection_engine3.5cpe:2.3:a:cisco:netflow_collection_engine:3.5:*:*:*:*:*:*:*
cisconetflow_collection_engine3.6cpe:2.3:a:cisco:netflow_collection_engine:3.6:*:*:*:*:*:*:*
cisconetflow_collection_engine4.0cpe:2.3:a:cisco:netflow_collection_engine:4.0:*:*:*:*:*:*:*
cisconetflow_collection_engine5.0cpe:2.3:a:cisco:netflow_collection_engine:5.0:*:*:*:*:*:*:*
cisconetflow_collection_engine5.0.3cpe:2.3:a:cisco:netflow_collection_engine:5.0.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	netflow_collection_engine	1.0	cpe:2.3:a:cisco:netflow_collection_engine:1.0:::::::*
cisco	netflow_collection_engine	2.0	cpe:2.3:a:cisco:netflow_collection_engine:2.0:::::::*
cisco	netflow_collection_engine	3.0	cpe:2.3:a:cisco:netflow_collection_engine:3.0:::::::*
cisco	netflow_collection_engine	3.5	cpe:2.3:a:cisco:netflow_collection_engine:3.5:::::::*
cisco	netflow_collection_engine	3.6	cpe:2.3:a:cisco:netflow_collection_engine:3.6:::::::*
cisco	netflow_collection_engine	4.0	cpe:2.3:a:cisco:netflow_collection_engine:4.0:::::::*
cisco	netflow_collection_engine	5.0	cpe:2.3:a:cisco:netflow_collection_engine:5.0:::::::*
cisco	netflow_collection_engine	5.0.3	cpe:2.3:a:cisco:netflow_collection_engine:5.0.3:::::::*