Skip to main content

Use of Hard-coded Credentials

CVE-2007-1063

Severity High
Score 10/10

Summary

The SSH server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G, with firmware 8.0(4)SR1 and earlier, uses a hard-coded username and password, which allows remote attackers to access the device.

  • LOW
  • NETWORK
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

CWE-798 - Use of Hard-coded Credentials

The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

References

Advisory Timeline

  • Published