CVE-2016-1341

Severity

69%

Complexity

34%

Confidentiality

165%

Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCur22079.

Cisco NX-OS 7.0(1)N1(1), 7.0(1)N1(3), and 7.0(4)N1(1) on Nexus 2000 Fabric Extender devices has a blank root password, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCur22079.

CVSS 3.0 Base Score 9.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 6.9. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Cisco NX-OS

First reported 8 years ago

2016-02-24 03:59:00

Last updated 8 years ago

2016-12-06 03:06:00

Affected Software

Cisco NX-OS 7.0(1)N1(1)

7.0\(1\)n1\(1\)

Cisco NX-OS 7.0(1)N1(3)

7.0\(1\)n1\(3\)

Cisco NX-OS 7.0(4)N1(1)

7.0\(4\)n1\(1\)

References

20160223 Cisco Nexus 2000 Series Fabric Extender Software Default Credential Vulnerability

Vendor Advisory

1035088

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.