The vulnerability is due to static credentials for an internal account. An attacker could exploit this vulnerability by using the static credentials for that account to connect to internal services. Note that this is a restricted account that is used to communicate between instances of ICF, and it does not provide GUI or shell access.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2gCoc8Y
The vulnerability is due to static credentials for an internal account. An attacker could exploit this vulnerability by using the static credentials for that account to connect to internal services. Note that this is a restricted account that is used to communicate between instances of ICF, and it does not provide GUI or shell access.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
http://ift.tt/2gCoc8Y
Security Impact Rating: Medium
CVE: CVE-2016-9204
from Cisco Security Advisory http://ift.tt/2gCoc8Y
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.