語系:
嚴重性: Critical
ID: 23938
檔案名稱: cisco_default_pw.nasl
版本: 1.50
類型: remote
系列: CISCO
已發布: 2006/12/23
已更新: 2023/11/27
支援的感應器: Nessus
CVSS 評分論據: Av:n is justified since the plugin tries to login via ssh or telnet. while the nvd score implies the the device is only accessible locally, that's not explicitly specified in the cve description: an account on a router, firewall, or other network device has a default, null, blank, or missing password. it is a reasonable assumption that if the plugin can log in with one of the sets of credentials attempted in the plugin, it can own the device (hence cia complete instead of partial).
風險因素: Medium
分數: 6.7
風險因素: Critical
基本分數: 10
時間分數: 7.7
媒介: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS 評分資料來源: CVE-1999-0508
風險因素: Critical
基本分數: 9.8
媒介: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE: cpe:/o:cisco
排除在外的 KB 項目: global_settings/supplied_logins_only
可輕鬆利用: No exploit is required
弱點發布日期: 1999/1/1
CVE: CVE-1999-0508