A serious vulnerability was recently found in Cisco Systems Inc.'s TelePresence systems that could be triggered due to default credentials being left in place after system setup. Could you provide some security best practices that enterprises could implement for such systems, particularly in regard to the use of unique credentials?
This was a profound vulnerability, to say the least. Upon installation of the Cisco TelePresence software, an account is created with a default username and password. If an attacker with knowledge of default Cisco usernames and passwords connected to the Cisco TelePresence Web server, they would have administrative access to the system; at that point, the attacker would "own the box."
While a fix -- Cisco TelePresence System Software Release version 1.10.2 -- has been released, some older systems may not support the upgrade. In this case, Cisco recommends that customers:
- Connect to the system.
- Proceed to Cisco Unified CM Administration.
- Select Device > Phone.
- Search for and select the configured Cisco TelePresence unit.
- Under the SSH information, change the username helpdesk to pwrecovery, then change the password.
In terms of best practices, the one I think is the most important, yet is overlooked, is that of default usernames and passwords -- especially if you have any Cisco devices within your infrastructure. It is critical to learn the default accounts that are on your network devices and change them. This is such a simple step -- and it's just a matter of adding an item to your setup checklist and knowing what those default credentials are -- but I am amazed at how often it is unheeded.
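The setup-checklist item described above can be run as an inventory audit. The following is an added example, not code from Cisco or from the original answer: it flags each TelePresence unit that is neither on the fixed release (1.10.2) nor covered by the workaround. The CSV layout, column names and device names are constructed for illustration, and it assumes releases later than 1.10.2 also carry the fix.

```python
import csv
import io

FIXED_RELEASE = (1, 10, 2)       # fix release named in the answer above
WORKAROUND_USER = "pwrecovery"   # SSH username the workaround sets

# Constructed sample inventory; the column names are hypothetical.
SAMPLE_INVENTORY = """\
device,software_version,ssh_username,password_changed
tp-boardroom,1.10.2,helpdesk,no
tp-lobby,1.9.6,helpdesk,no
tp-branch-01,1.9.6,pwrecovery,yes
tp-branch-02,1.8.0,pwrecovery,no
tp-lab,unknown,helpdesk,yes
"""

def parse_version(text):
    """Return the version as a tuple of ints, or None if it is not numeric."""
    try:
        return tuple(int(part) for part in text.strip().split("."))
    except ValueError:
        return None

def classify(row):
    """Classify one unit as 'patched', 'workaround' or 'action-required'."""
    version = parse_version(row["software_version"])
    # Tuple comparison is numeric, so 1.9.6 sorts below 1.10.2.
    if version is not None and version >= FIXED_RELEASE:
        return "patched"
    user = row["ssh_username"].strip().lower()
    changed = row["password_changed"].strip().lower() == "yes"
    if version is not None and user == WORKAROUND_USER and changed:
        return "workaround"
    # Unknown version, old SSH username, or password never changed.
    return "action-required"

def audit(csv_text):
    """Map each device name to its classification."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["device"]: classify(row) for row in reader}

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device:14} {status}")
```

A unit with an unparseable version is reported as action-required rather than trusted, so gaps in the inventory surface instead of passing silently.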