Vulnerability Details CVE-2011-4659
Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session, aka Bug ID CSCtw69889, a different vulnerability than CVE-2011-2555.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 79.1%
CVSS Severity
CVSS v2 Score 10.0
References
Products affected by CVE-2011-4659
-
cpe:2.3:a:cisco:telepresence_e20_software:te2.2
-
cpe:2.3:a:cisco:telepresence_e20_software:te2.2.1
-
cpe:2.3:a:cisco:telepresence_e20_software:te4.0.0
-
cpe:2.3:a:cisco:telepresence_e20_software:te4.1.0
-
cpe:2.3:a:cisco:telepresence_e20_software:te4.1.1
-
cpe:2.3:a:cisco:telepresence_e20_software:te4.1.1-cucm
-
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.0.0
-
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.1.0
-
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.1.1
-
cpe:2.3:a:cisco:telepresence_e20_software:tenc4.1.1-cucm
-
cpe:2.3:h:cisco:ip_video_phone_e20:-