Vulnerability Details CVE-2016-1329
Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.021
EPSS Ranking 83.4%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k
- http://www.securitytracker.com/id/1035161
- https://isc.sans.edu/forums/diary/20795
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-n3k
- http://www.securitytracker.com/id/1035161
- https://isc.sans.edu/forums/diary/20795
Products affected by CVE-2016-1329
-
cpe:2.3:h:cisco:nexus_3048:-
-
cpe:2.3:h:cisco:nexus_3064:-
-
cpe:2.3:h:cisco:nexus_3064t:-
-
cpe:2.3:h:cisco:nexus_3064x:-
-
cpe:2.3:h:cisco:nexus_3524:-
-
cpe:2.3:h:cisco:nexus_3548:-
-
cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5
-
cpe:2.3:o:sun:opensolaris:snv_124
-
cpe:2.3:o:zyxel:gs1900-10hp_firmware:-
-
cpe:2.3:o:zyxel:gs1900-10hp_firmware:2.40
-
cpe:2.3:o:zzinc:keymouse_firmware:3.08