CVE-2016-1313 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-1313

CWE

https://cwe.mitre.org/data/definitions/264.html

Cisco UCS Invicta C3124SA Appliance 4.3.1 through 5.0.1, UCS Invicta Scaling System and Appliance, and Whiptail Racerunner improperly store a default SSH private key, which allows remote attackers to obtain root access via unspecified vectors, aka Bug ID CSCun71294.

Affected Software

Name	Vendor	Start Version	End Version
Ucs_invicta_c3124sa_appliance	Cisco	4.3.1 (including)	4.3.1 (including)
Ucs_invicta_c3124sa_appliance	Cisco	4.5.0 (including)	4.5.0 (including)
Ucs_invicta_c3124sa_appliance	Cisco	5.0.1 (including)	5.0.1 (including)

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs
http://www.securitytracker.com/id/1035496
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-ucs
http://www.securitytracker.com/id/1035496