Hardcoded Password Vulnerability in Cisco Unified Communications Domain Manager
CVE-2015-4196

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Domain Manager
Vendor: CVE Published:; 4 July 2015

Summary

In Cisco Unified Communications Domain Manager (CDM) versions prior to 4.4.5, the platform software contains a hardcoded password for a privileged account. This poses a significant security risk as it enables remote attackers to gain root access by leveraging this known password through an SSH session. The vulnerability underscores the importance of secure credential management to prevent unauthorized access and potential system compromise.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

http://www.securitytracker.com/id/1032774

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jul 4, 2015
Vulnerability Reserved
Jun 4, 2015