Vulnerability in Cisco Ip_video_phone_e20

CVE-2011-4659

Cisco TelePresence Software before TE 4.1.1 on the Cisco IP Video Phone E20 has a default password for the root account after an upgrade to TE 4.1.0, which makes it easier for remote attackers to modify the configuration via an SSH session…

EPSS: 0.009 (75.9th percentile) — read the EPSS interpretation.

Affected products

Cisco Ip_video_phone_e20
Cisco Telepresence_e20_software — versions te2.2, te2.2.1, te4.0.0
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

20120118 Cisco IP Video Phone E20 Default Root Account (x_refsource_CISCO, vendor-advisory, Vendor Advisory)