Cisco Catalyst 3750 series router default credential Security Bypass Vulnerability

Cisco Catalyst 3750 series router default credential Security Bypass Vulnerability

Release date:
Updated on:

Affected Systems:
Cisco IOS 15.0SE
Description:
--------------------------------------------------------------------------------
Bugtraq id: 63342
CVE (CAN) ID: CVE-2013-5522

Cisco Catalyst 3750 series is a stack switch product.

The default credential security vulnerability exists in the service module of Cisco Catalyst 3750-X series switches, authenticated local attackers can use the default credential to log on and use this vulnerability to completely control the operating system running on the service module and obtain root service permissions.

<* Source: Cisco

Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5522
*>

Suggestion:
--------------------------------------------------------------------------------
Vendor patch:

Cisco
-----
Cisco has released a Security Bulletin (CVE-2013-5522) and patches for this:
CVE-2013-5522: Cisco Catalyst 3750-X Series Switch Default Credentials Vulnerability
Link: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5522