Connect with us

Vulnerability

Happens to Even the Best--Cisco Password Bug

Malware Vulnerability

Prometei Botnet Infects Systems with Latest Version, Warns Cybersecurity Experts

Vulnerability

Critical Vulnerability Discovered in FortiOS and Palo Alto Networks Firewalls

Hacker News Vulnerability

Lazarus Group Found Exploiting Zero-Day Vulnerabilities in Latest Cyber Attack

Hacker News Vulnerability

Researchers Uncover New Security Vulnerabilities in TPM 2.0 Library

Hacker News Vulnerability

Backdoors to the Home

Hacker News Vulnerability

Zyxel, the Dangers of Hard-coding Credentials

Hacker News Vulnerability

Instagram: User Accounts And Phone Numbers Exposed

Malware Vulnerability

Notepad, New Attack Vector?

Hacker News Vulnerability

WPA3 Still Rough on the Edges

Vulnerability

Happens to Even the Best–Cisco Password Bug

Published

5 years ago

on

Happens to Even the Best--Cisco Password Bug

Cisco is a name synonymous with the best, robust networking devices out there, but even they can slip up from time to time. Slipping up is accidental and non-intentional but lazy is something else. If putting a default password in a network data collection tool, especially in today’s security conscious atmosphere can be considered lazy is a matter of relative judgement.

 

Because nowadays, tools such as the Cisco Common Service Platform Collector (CPSC) are supposed to ask (which it does) for what should be the admin password upon installation, or the registration key for the software is granted by the provider (such as Cisco) after the system admin is registered.

 

Unfortunately, the Cisco Common Service Platform Collector came with what could be considered as a backdoor password. While some admins would appreciate this little ‘feature’ (people tend to forget passwords), in a perfect world, a default, static ‘hardcoded’ password shouldn’t exist.

 

This is something that is better appreciated by malicious adversaries to gain plenty of information on a network’s Cisco devices. Below is a detailed description of the tool from Cisco’s own CSPC Getting Started Guide.

CSPC Getting Started Guide“The Cisco Common Service Platform Collector (CSPC) is an SNMP-based tool that discovers and collects information from the Cisco devices installed on your network.

The CSPC software provides an extensive collection mechanism to gather various aspects of customer device data. Information gathered by the collector is used by several Cisco Service offers, such as Smart Net Total Care, Partner Support Service, and Business Critical Services.

The data is used to provide inventory reports, product alerts, configuration best practices, technical service coverage, lifecycle information, and many other detailed reports and analytics for both the hardware and operating system (OS) software.”

While this password bug does not grant administrator privileges to remote attackers, the tool could give them information they need to do so or, cause some heavy damage.

“…The vulnerability exists because the affected software has a user account with a default, static password… An attacker could exploit this vulnerability by remotely connecting to the affected system using this account. A successful exploit could allow the attacker to log in to the CSPC using the default account.”

–Cisco

Fortunately, as of this writing, Cisco has already issued patches for this vulnerability.

Related Topics:

Technology Enthusiast with a keen eye on the Cyberspace, Entrepreneur, Ethical Hacker

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *