A huge collection of 3400+ free website templates JAR theme com WP themes and more at the biggest community-driven free web design site
Home / security-advisories / Cisco Emergency Responder Static Credentials Vulnerability (CVE-2023-20101)

Cisco Emergency Responder Static Credentials Vulnerability (CVE-2023-20101)

Advisory No: TZCERT/SA/2023/10/5

Date of First Release: 5th October 2023

Source: CISCO

Software Affected:  Cisco Emergency Responder

Overview:

A vulnerability affecting Cisco Emergency Responder has been disclosed. This vulnerability may lead to arbitrary code execution in the context of privileged user.

Description:

Cisco Emergency Responder has the static user credentials for the root account that is reserved for use during development. This default account with static credentials that cannot be changed or deleted is vulnerable. It allows the attacker to log in to the affected system and execute arbitrary commands as root user.

Impact:

Successful exploitation of this vulnerability may allow the attacker to take control of affected system.

Solution:

Cisco has released a patch for this vulnerability. Users and administrators are encouraged to apply all necessary updates.

References:

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cer-priv-esc-B9t3hqk9

Best free WordPress theme

Check Also

HPE Superdome Flex, Superdome Flex 280 and Compute Scale-up Server 3200 Servers Arbitrary Code Execution (CVE-2021-38578)

Advisory No: TZCERT/SA/2024/04/19 Date of First Release: 19th April 2024 Source: Hewlett Packard Enterprise (HPE) …

DISCLAIMER |FAQ |CONTACT US
Tanzania Computer Emergency Response Team © Copyright 2024, All Rights Reserved.