Cisco Bug: CSCus61123 - Cisco TelePresence vTS Server Serial Console Privileged Access
Feb 11, 2018
- Cisco TelePresence Server
- Cisco TelePresence Server on Virtual Machine
Known Affected Releases
3.1(1.82) 3.1(1.96) 3.1(1.98) 4.0(1.57) 4.0(2.8) 4.1(1.79)
Symptoms: Cisco TelePresence Server on Virtual Machine contains an undocumented privileged account that can be accessed via serial console available through the vSphere controller. The access via this account is protected by a password which is however default and static across all Cisco Virtual TelePresence Server deployment. This account is present only on the Cisco Virtual TelePresence Server Software. Cisco TelePresence Server Software for appliances is not affected. This issue is fixed in Cisco Virtual TelePresence Server Software version 4.1(1.85) where login access through this account as been removed. Conditions: Administrative access to the vSphere is needed to use this account.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases