CVE-2016-1329

Low

Low Medium High Critical

CVSS Score

Published: Mar 03, 2016

Last Modified: Apr 12, 2025

Vulnerability Description

Cisco NX-OS 6.0(2)U6(1) through 6.0(2)U6(5) on Nexus 3000 devices and 6.0(2)A6(1) through 6.0(2)A6(5) and 6.0(2)A7(1) on Nexus 3500 devices has hardcoded credentials, which allows remote attackers to obtain root privileges via a (1) TELNET or (2) SSH session, aka Bug ID CSCuy25800.

Known Affected Software

3 configuration(s) from 3 vendor(s)

x14j_firmware

Version:

t-ms14jakucb-1102.5

CPE:

cpe:2.3:o:samsung:x14j_firmware:t-ms14jakucb-1102.5:*:*:*:*:*:*:*

opensolaris

Version:

snv_124

CPE:

cpe:2.3:o:sun:opensolaris:snv_124:*:*:*:*:*:*:*

keymouse_firmware

Version:

3.08

CPE:

cpe:2.3:o:zzinc:keymouse_firmware:3.08:*:*:*:*:windows:*:*

This vulnerability affects 3 software configuration(s). Ensure you patch all affected systems.

References & Resources

Severity Details

out of 10.0

Low

Weakness Type (CWE)

CWE-287 Top 25 #10

Improper Authentication

Description: When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Exploit Likelihood: High
Typical Severity: High
OWASP Top 10: A07:2021-Identification/Auth Failures
Abstraction Level: Class