10
CVE-2016-1560
- EPSS 81.67%
- Veröffentlicht 21.04.2017 20:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
- Quelle cret@cert.org
- CVE-Watchlists
- Unerledigt
LoginExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Exagrid ≫ Ex3000 Firmware Version4.8
Exagrid ≫ Ex5000 Firmware Version4.8
Exagrid ≫ Ex7000 Firmware Version4.8
Exagrid ≫ Ex10000e Firmware Version4.8
Exagrid ≫ Ex13000e Firmware Version4.8
Exagrid ≫ Ex21000e Firmware Version4.8
Exagrid ≫ Ex32000e Firmware Version4.8
Exagrid ≫ Ex40000e Firmware Version4.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 81.67% | 0.991 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-798 Use of Hard-coded Credentials
The product contains hard-coded credentials, such as a password or cryptographic key.