‘Cisco Digital Media Manager Default Credentials Vulnerability’

Summary

A vulnerability related to default credentials exists in the Cisco Digital Media Manager (DMM).’

Credit:

‘The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml


Details

Vulnerable Systems:
 * Cisco DMM versions 5.0.x
 * Cisco DMM versions 5.1.x

Immune Systems:
 * Cisco DMM versions 4.x
 * Cisco DMM version 5.2

Cisco DMM versions earlier than 5.2 have default credentials that could allow an attacker full control of the installed web applications, including settings, status, and deployment.

This vulnerability is documented in Cisco Bug ID CSCta03378 .
Successful exploitation of this vulnerability could allow an attacker to change the settings, status, and deployment of the installed web applications.

CVE Information:
CVE-2010-0570

Disclosure Timeline:
2010.03.03: Release of this Advisory’

Categories: News