Main Vulnerability Database SB2018110828

SB2018110828 - Authentication bypass (backdoor) in Cisco 550X Series Stackable Managed Switches

Published: November 8, 2018

Security Bulletin ID SB2018110828

CSH Severity

High

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Authentication bypass (backdoor) (CVE-ID: CVE-2018-15439)

CWE-ID: CWE-798 - Use of Hard-coded Credentials

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

The vulnerability allows a remote unauthenticated attacker to bypass authentication mechanism on the target device.

The weakness exist due to the presence of undocumented, static user credentials for the default administrative account. A remote attacker can use a backdoor account to log into the system, bypass authentication and execute arbitrary commands with full admin rights.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sbsw-privacc