Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Cisco Mobility Services Engine Multiple Vulnerabilities

Information

Severity

Severity

Medium

Family

Family

CISCO

CVSSv2 Base

CVSSv2 Base

6.9

CVSSv2 Vector

CVSSv2 Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Solution Type

Solution Type

Vendor Patch

Created

Created

6 years ago

Modified

Modified

3 years ago

Summary

Cisco Mobility Services Engine is prone to the following vulnerabilities: 1. an insecure default-password vulnerability. Remote attackers with knowledge of the default credentials may exploit this vulnerability to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. 2. a local privilege-escalation vulnerability. A local attacker may exploit this issue to gain elevated root privileges on the device.

Insight

Insight

This issues are being tracked by Cisco Bug ID CSCuv40501 and CSCuv40504

Affected Software

Affected Software

Cisco Mobility Services Engine (MSE) versions 8.0.120.7 and earlier are vulnerable.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Updates are available.

Common Vulnerabilities and Exposures (CVE)