Cisco: >> Cs-Mars >> 4.1.2 Security Vulnerabilities
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files.
CVSS Score
3.3
EPSS Score
0.002
Published
2009-08-27
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 ships with an Oracle database that contains several default accounts and passwords, which allows attackers to obtain sensitive information.
CVSS Score
5.0
EPSS Score
0.005
Published
2006-07-21
Multiple unspecified vulnerabilities in the Command Line Interface (CLI) for Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root.
CVSS Score
7.2
EPSS Score
0.012
Published
2006-07-21
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command.
CVSS Score
7.2
EPSS Score
0.001
Published
2006-01-12