Sign-up

ID

VAR-200704-0470


CVE

CVE-2007-2282


TITLE

Cisco NetFlow Collection Engine contains known default passwords

Trust: 0.8

sources: CERT/CC: VU#127545

DESCRIPTION

Cisco Network Services (CNS) NetFlow Collection Engine (NFC) before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system. A vulnerability in the Cisco NetFlow Collection Engine could allow a remote attacker to gain access to a vulnerable system. This issue stems from a design flaw that makes an insecure account available to remote users. Versions of Cisco NFC prior to 6.0 are vulnerable to this issue. Cisco is tracking this issue as Cisco Bug ID CSCsh75038. When NFC is installed, a default user account will be created and a corresponding password will be set. NFC is installed on a supported UNIX platform. During the installation process, a default web-based user account nfcuser is created, which is used to perform application maintenance, configuration, and troubleshooting with the password nfcuser. Before version 6.0, the Linux installation program will also create a local user named nfcuser on the operating system, and the default password is exactly the same as the user name. If the account already exists, the Linux installer will change the password to be the same as the username

Trust: 2.7

sources: NVD: CVE-2007-2282 // CERT/CC: VU#127545 // JVNDB: JVNDB-2007-001895 // BID: 23647 // VULHUB: VHN-25644

AFFECTED PRODUCTS

vendor:ciscomodel:netflow collection enginescope:eqversion:5.0.3

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:5.0

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:4.0

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:3.6

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:3.5

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:3.0

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:2.0

Trust: 1.9

vendor:ciscomodel:netflow collection enginescope:eqversion:1.0

Trust: 1.9

vendor:ciscomodel: - scope: - version: -

Trust: 0.8

vendor:ciscomodel:netflow collection enginescope:ltversion:6.0

Trust: 0.8

vendor:ciscomodel:netflow collection enginescope:neversion:6.0

Trust: 0.3

sources: CERT/CC: VU#127545 // BID: 23647 // JVNDB: JVNDB-2007-001895 // CNNVD: CNNVD-200704-523 // NVD: CVE-2007-2282

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2007-2282
value: HIGH

Trust: 1.0

CARNEGIE MELLON: VU#127545
value: 7.50

Trust: 0.8

NVD: CVE-2007-2282
value: HIGH

Trust: 0.8

CNNVD: CNNVD-200704-523
value: CRITICAL

Trust: 0.6

VULHUB: VHN-25644
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2007-2282
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-25644
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CERT/CC: VU#127545 // VULHUB: VHN-25644 // JVNDB: JVNDB-2007-001895 // CNNVD: CNNVD-200704-523 // NVD: CVE-2007-2282

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2007-2282

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200704-523

TYPE

Design Error

Trust: 0.9

sources: BID: 23647 // CNNVD: CNNVD-200704-523

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2007-001895

PATCH
title:cisco-sa-20070425-nfcurl:http://www.cisco.com/en/US/products/csa/cisco-sa-20070425-nfc.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2007-001895

EXTERNAL IDS
db:CERT/CCid:VU#127545
Trust: 3.6
db:NVDid:CVE-2007-2282
Trust: 2.5
db:BIDid:23647
Trust: 2.0
db:SECTRACKid:1017960
Trust: 1.7
db:VUPENid:ADV-2007-1545
Trust: 1.7
db:OSVDBid:35524
Trust: 1.7
db:JVNDBid:JVNDB-2007-001895
Trust: 0.8
db:CNNVDid:CNNVD-200704-523
Trust: 0.7
db:CISCOid:20070425 DEFAULT PASSWORDS IN NETFLOW COLLECTION ENGINE
Trust: 0.6
db:XFid:33861
Trust: 0.6
db:VULHUBid:VHN-25644
Trust: 0.1
sources:
            
            
            CERT/CC: VU#127545 // 
            
            
            
            VULHUB: VHN-25644 // 
            
            
            
            BID: 23647 // 
            
            
            
            JVNDB: JVNDB-2007-001895 // 
            
            
            
            CNNVD: CNNVD-200704-523 // 
            
            
            
            NVD: CVE-2007-2282

REFERENCES
url:http://www.kb.cert.org/vuls/id/127545
Trust: 2.8
url:http://www.securityfocus.com/bid/23647
Trust: 1.7
url:http://www.cisco.com/en/us/products/products_security_advisory09186a008082c520.shtml
Trust: 1.7
url:http://www.osvdb.org/35524
Trust: 1.7
url:http://securitytracker.com/id?1017960
Trust: 1.7
url:http://www.vupen.com/english/advisories/2007/1545
Trust: 1.1
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/33861
Trust: 1.1
url:about vulnerability notes
Trust: 0.8
url:contact us about this vulnerability
Trust: 0.8
url:provide a vendor statement
Trust: 0.8
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-2282
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-2282
Trust: 0.8
url:http://www.frsirt.com/english/advisories/2007/1545
Trust: 0.6
url:http://xforce.iss.net/xforce/xfdb/33861
Trust: 0.6
url:http://www.cisco.com/en/us/products/sw/netmgtsw/ps1964/index.html
Trust: 0.3
url:/archive/1/466832
Trust: 0.3
url:http://www.cisco.com/warp/public/707/cisco-sa-20070425-nfc.shtml
Trust: 0.3
sources:
            
            
            CERT/CC: VU#127545 // 
            
            
            
            VULHUB: VHN-25644 // 
            
            
            
            BID: 23647 // 
            
            
            
            JVNDB: JVNDB-2007-001895 // 
            
            
            
            CNNVD: CNNVD-200704-523 // 
            
            
            
            NVD: CVE-2007-2282

CREDITS
Cisco Security bulletin
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200704-523

SOURCES
db:CERT/CCid:VU#127545
db:VULHUBid:VHN-25644
db:BIDid:23647
db:JVNDBid:JVNDB-2007-001895
db:CNNVDid:CNNVD-200704-523
db:NVDid:CVE-2007-2282

LAST UPDATE DATE
2025-04-10T23:23:43.649000+00:00

SOURCES UPDATE DATE
db:CERT/CCid:VU#127545date:2007-06-14T00:00:00
db:VULHUBid:VHN-25644date:2017-07-29T00:00:00
db:BIDid:23647date:2007-04-26T21:10:00
db:JVNDBid:JVNDB-2007-001895date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200704-523date:2007-04-27T00:00:00
db:NVDid:CVE-2007-2282date:2025-04-09T00:30:58.490

SOURCES RELEASE DATE
db:CERT/CCid:VU#127545date:2007-04-26T00:00:00
db:VULHUBid:VHN-25644date:2007-04-26T00:00:00
db:BIDid:23647date:2007-04-25T00:00:00
db:JVNDBid:JVNDB-2007-001895date:2012-06-26T00:00:00
db:CNNVDid:CNNVD-200704-523date:2007-04-26T00:00:00
db:NVDid:CVE-2007-2282date:2007-04-26T19:19:00