Guest

Preview Tool

Cisco Bug: CSCuj84492 - etc/passwd contains poorly encrypted administrator passwords

Last Modified

Mar 03, 2018

Products (1)

  • Cisco Unified Computing System

Known Affected Releases

1.4(0.14) 1.5(1f) 2.4(100.1)T

Description (partial)

Symptom:
After uprading to 2.0.1 or 2.0.1a, users have the ability to do a one-time migration to a better encryption scheme to store their passwords. As
documented, after running the enable-secure-pw command from scope cimc, all the users that were created/modified in the previous releases are
lost and default admin user's password gets reset to password. Any users you create are now protected with this envelope of industry standard
security. 

As an unintended consequence of this migration though, ipmitool will be unable to understand the credentials stored in the new format, to access
the Cisco IMC. The only credentials that you can use to run any ipmitool commands or queries will be with ''admin'' username and ''password'' as
the password.

ipmitool will not be able to recognise the users you create/modify, if you have migrated to secure password storage. We are working on fixing
this ASAP.

Conditions:
This issue arises IF and ONLY IF you ran the ''enable-secure-pw'' command from inside scope cimc in releases 2.0.1 or 2.0.1a as an undesired side
effect of the migration to the secure password storage. If you have not yet taken this action, we advise you refrain from executing this command.
If you have, please refer to the workaround. listed in this CDETS. We are working to remove this side effect at the earliest without compromising
on security.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.