CVE-2016-1329

Published on: 03/03/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:05 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Certain versions of Nexus 3048 from Cisco contain the following vulnerability:

Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.

  • CVE-2016-1329 has been assigned by [email protected] to track the vulnerability - currently rated as - currently rated as CRITICAL severity.

CVSS3 Score: 9.8 - CRITICAL

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 10 - HIGH

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
COMPLETE COMPLETE COMPLETE

CVE References

Description Tags Link
Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability Vendor Advisory
tools.cisco.com
text/html
URL Logo CISCO 20160302 Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability
Cisco Nexus 3000 Series Default Account and Credentials Lets Remote Users Access the Target System with Root Privileges - SecurityTracker www.securitytracker.com
text/html
URL Logo SECTRACK 1035161
Cisco Security Advisory: Default Credentials isc.sans.edu
text/html
URL Logo MISC isc.sans.edu/forums/diary/20795

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
HardwareCiscoNexus 3048-AllAllAll
HardwareCiscoNexus 3048-AllAllAll
HardwareCiscoNexus 3064-AllAllAll
HardwareCiscoNexus 3064-AllAllAll
HardwareCiscoNexus 3064t-AllAllAll
HardwareCiscoNexus 3064t-AllAllAll
HardwareCiscoNexus 3064x-AllAllAll
HardwareCiscoNexus 3064x-AllAllAll
HardwareCiscoNexus 3524-AllAllAll
HardwareCiscoNexus 3524-AllAllAll
HardwareCiscoNexus 3548-AllAllAll
HardwareCiscoNexus 3548-AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(1\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(2\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(3\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(4\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(5\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(1\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(2\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(3\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(4\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(5\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(1\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(2\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(3\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(4\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)a6\\\(5\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(1\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(2\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(3\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(4\\\)AllAllAll
Operating
System
CiscoNx-os6.0\\\(2\\\)u6\\\(5\\\)AllAllAll
Operating
System
CiscoNx-ox6.0\\\(2\\\)a7\\\(1\\\)AllAllAll
Operating
System
CiscoNx-ox6.0\\\(2\\\)a7\\\(1\\\)AllAllAll
  • cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3048:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3064:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3064t:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3064x:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3524:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*:
  • cpe:2.3:h:cisco:nexus_3548:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(1\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(2\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(3\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(4\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(5\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(1\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(2\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(3\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(4\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(5\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(1\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(2\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(3\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(4\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)a6\\\(5\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(1\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(2\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(3\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(4\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-os:6.0\\\(2\\\)u6\\\(5\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-ox:6.0\\\(2\\\)a7\\\(1\\\):*:*:*:*:*:*:*:
  • cpe:2.3:o:cisco:nx-ox:6.0\\\(2\\\)a7\\\(1\\\):*:*:*:*:*:*:*: