Cisco NetFlow Collection Engine Remote Default Account Vulnerability

Cisco NetFlow Collection Engine Remote Default Account Vulnerability

Cisco NetFlow Collection Engine (NFC) is prone to a default-account vulnerability. This issue stems from a design flaw that makes an insecure account available to remote users.

Successfully exploiting this issue allows remote attackers to gain administrative access to the vulnerable application and user-level access to the hosting operating system.

Versions of Cisco NFC prior to 6.0 are vulnerable to this issue.

Cisco is tracking this issue as Cisco Bug ID CSCsh75038.