Vulnerability Description
Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Netflow Collection Engine | 1.0 |
References
- http://securitytracker.com/id?1017960
- http://www.cisco.com/en/US/products/products_security_advisory09186a008082c520.sVendor Advisory
- http://www.kb.cert.org/vuls/id/127545US Government Resource
- http://www.osvdb.org/35524
- http://www.securityfocus.com/bid/23647
- http://www.vupen.com/english/advisories/2007/1545
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33861
- http://securitytracker.com/id?1017960
- http://www.cisco.com/en/US/products/products_security_advisory09186a008082c520.sVendor Advisory
- http://www.kb.cert.org/vuls/id/127545US Government Resource
- http://www.osvdb.org/35524
- http://www.securityfocus.com/bid/23647
- http://www.vupen.com/english/advisories/2007/1545
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33861
FAQ
What is CVE-2007-2282?
CVE-2007-2282 is a vulnerability with a CVSS score of 10.0 (HIGH). Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and,...
How severe is CVE-2007-2282?
CVE-2007-2282 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-2282?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Netflow Collection Engine.