December 9, 2015
Cisco is warning users this week that several of its products — routers, gateways, and data center platforms — suffer from vulnerabilities, including one critical one.
Cisco warned about the most pressing issue, a critical vulnerability in its Prime Collaboration Assurance software, shortly after noon Wednesday. The problem stems from the fact that there’s an undocumented account in the software which has a default and static password that cannot be changed or deleted, Cisco claims. An attacker could use this account to log into the system shell. From there they could access the system, including sensitive data – like password and system logs, modify data, and even run executables.
