Cisco Bug: CSCve89880 - Cisco IOS XE Software Static Credential Vulnerability
May 05, 2020
- Cisco 4000 Series Integrated Services Routers
Known Affected Releases
Symptom: A vulnerability in the Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected version of Cisco IOS XE Software with the default username and password when the router has no startup configuration or after a write erase followed by a reload. This account allows privilege level 15 access.

The vulnerability is due to an undocumented user account that has a default username and password. An attacker could exploit this vulnerability by remotely connecting to the affected system using this account. A successful exploit could allow the attacker to log in to the device using the default user account with privilege level 15 access.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc

Conditions: This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS XE Software. To determine whether a release is affected by any published Cisco Security Advisory, use the Cisco IOS Software Checker on Cisco.com at the following link: https://tools.cisco.com/security/center/softwarechecker

This problem can be seen when the router boots without a startup-config file, or when the user has performed a write erase followed by a reload without saving any configuration.