CVE-2013-3454
Severity CVSS v4.0:
Pending analysis
Type:
CWE-255
Credentials Management
Publication date:
08/08/2013
Last modified:
11/04/2025
Description
Cisco TelePresence System Software 1.10.1 and earlier on 500, 13X0, 1X00, 30X0, and 3X00 devices, and 6.0.3 and earlier on TX 9X00 devices, has a default password for the pwrecovery account, which makes it easier for remote attackers to modify the configuration or perform arbitrary actions via HTTPS requests, aka Bug ID CSCui43128.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:cisco:telepresence_system_tx9000:*:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:telepresence_system_tx9200:*:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:*:*:*:*:*:*:*:* | 6.0.3\(33\) (including) | |
| cpe:2.3:a:cisco:telepresence_system_software:1.9.0\(46\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.0.1\(3\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.1\(68\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.2\(19\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.3\(44\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.4\(19\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.5\(7\):*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:telepresence_system_software:1.9.6:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page