Default passwords on Cisco messaging, security products could pose risks, vendor warns

Cisco has advised users that default passwords on its Unity unified messaging server and Cisco Guard and Traffic Anomaly Detector could allow an attacker to gain administrative access. On Unity systems, this would allow an attacker to read incoming an outgoing messages and redirect message routing; the default password can be found in versions 2, 3, and 4. The Cisco Guard and Traffic Anomaly Detector is designed to detect malicious traffic, such as a denial of service attack, and direct it to a non-critical section of the network. Access would allow an attacker to reroute traffic or prevent detection of a denial of service attack. Cisco advises users to change default passwords if they have not already. The updated Cisco Guard and Traffic Anomaly Detector 3.1 requires users to change the password during installation.

http://www.nwfusion.com/news/2004/1215ciscosecurity.html

Leave a Reply