Vulnerability Details : CVE-2013-1170
The Cisco Prime Network Control System (NCS) appliance with software before 1.1.1.24 has a default password for the database user account, which makes it easier for remote attackers to change the configuration or cause a denial of service (service disruption) via unspecified vectors, aka Bug ID CSCtz30468.
Vulnerability category: Denial of service
Products affected by CVE-2013-1170
- cpe:2.3:a:cisco:prime_network_control_system:-:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:prime_network_control_system_software:1.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2013-1170
0.37%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 73 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-1170
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
CWE ids for CVE-2013-1170
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2013-1170
-
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-ncs
Cisco Prime Network Control Systems Database Default Credentials VulnerabilityVendor Advisory
Jump to