CRITICAL · 9.8

CVE-2016-1560

Vulnerability Description

ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) "inflection" for the root shell account and (2) "support" for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.

CVSS Score

9.8 (CRITICAL)

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality: HIGH
Integrity: HIGH
Availability: HIGH

Affected Products

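| Vendor  | Product           | Versions |
|---------|-------------------|----------|
| Exagrid | Ex3000 Firmware   | 4.8      |
| Exagrid | Ex3000            | -        |
| Exagrid | Ex5000 Firmware   | 4.8      |
| Exagrid | Ex5000            | -        |
| Exagrid | Ex7000 Firmware   | 4.8      |
| Exagrid | Ex7000            | -        |
| Exagrid | Ex10000E Firmware | 4.8      |
| Exagrid | Ex10000E          | -        |
| Exagrid | Ex13000E Firmware | 4.8      |
| Exagrid | Ex13000E          | -        |
| Exagrid | Ex21000E Firmware | 4.8      |
| Exagrid | Ex21000E          | -        |
| Exagrid | Ex32000E Firmware | 4.8      |
| Exagrid | Ex32000E          | -        |
| Exagrid | Ex40000E Firmware | 4.8      |
| Exagrid | Ex40000E          | -        |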

Related Weaknesses (CWE)

References

FAQ

What is CVE-2016-1560?

CVE-2016-1560 is a vulnerability with a CVSS score of 9.8 (CRITICAL). ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) "inflection" for the root shell account and (2) "support" for the support account in the web interface, which allows remote a...

How severe is CVE-2016-1560?

CVE-2016-1560 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.

Is there a patch for CVE-2016-1560?

Check the references section above for vendor advisories and patch information. Affected products include: Exagrid Ex3000 Firmware, Exagrid Ex3000, Exagrid Ex5000 Firmware, Exagrid Ex5000, Exagrid Ex7000 Firmware.