Cleartext Password Storage in Cisco CBOS by Cisco Systems
CVE-2001-0753

Currently unrated

Key Information:

Vendor: Cisco
Status: Cbos
Vendor: CVE Published:; 18 October 2001

Summary

Cisco CBOS 2.3.8 and earlier versions store passwords for both exec and enable commands in cleartext within the Non-Volatile Random Access Memory (NVRAM) and associated configuration files. This design flaw allows unauthorized individuals to easily retrieve these sensitive passwords, which could lead to unauthorized privileges and potential exploitation of the affected systems.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/44544

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/CBOS-multiple2-pub.html

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Oct 18, 2001
Vulnerability Reserved
Oct 12, 2001