Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs SecuriTeam™ in Your Inbox   E-mail this CVE-2011-3290 to a friend New vulnerability? New tool? Tell us	CVE-2011-3290 Cisco Identity Services Engine 1.0.4.MR2 Database Default Credentials Vulnerability     Credit: The information has been provided by Andrey Ovrashko and Sergey Bondarenko. The original article can be found at: Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    CVE-2011-3290 Details Check for CVE-2011-3290 Vulnerability Assessment and Management. Automated Pen Testing for 50 to 50,000 nodes beyondsecurity.com/vulnerability-scanner .Vulnerable Systems:  * Cisco ISE prior to release 1.0.4.MR2 Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via unknown vectors, aka Bug ID CSCts59135. Vendor Status: Cisco has issued an update to correct this vulnerability Patch Availability: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110920-ise CVE Information: CVE-2011-3290 Disclosure Timeline: 2011-October-03 Updated with information about fixed software availability. 2011-September-20 Initial public release.  Comments on CVE-2011-3290:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:

All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews

 

---

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus  

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®