Cisco, the largest manufacturer company of network equipment in the world, paradise servers for a full seven weeks without realizing that they contained a different default administrator password.
According to Sign upThe Cisco normally gives all their administrator accounts the "admin / password" combination. But it seems to have delivered 42 models of servers with the password "Cisco1234".
The company says the wrong code prevented access to the device's CIMC clients (Cisco Integrated Management Controller), customers consequently complained and Cisco began an investigation.
The problem it was quickly discovered that it was due to the wrong password and the company proceeded to correct the accompanying written instructions so that the password coded into the devices was the same as the one in their technical manuals.
Cisco reports that all affected 42 models were manufactured between 17 November 2015 and 6 January 2016. All affected models are listed at the end of this article. The company has issued one public advisory briefing for this incident, and advised network administrators to change the default password to something more safe as soon as possible.
AFFECTING MODELS:
EXPY-EXPWY-CE1K-BDL-K9
EXPY-EXPWY-CE500-BDL-K9
VCSCNTR-CTI-CE1K-BDL-K9
UCS-UCSC-C220-M3SBE
MXE3500-MXE-3500-V3-K9
TCS-TCS-C220-5RP-K9
TCS-TCS-C220-PROBUN-K9
TCS-TCS-SMB-C220-K9
SERVER-APIC-SERVER-L1
SERVER-APIC-SERVER-M1
EMBUNAM-NGA3240-K9
UCSC-UCSC-C220-M4L
UCSC-UCSC-C220-M4S
UCSC-UCSC-C240-M3S2
UCSC-UCSC-C240-M4L
UCSC-UCSC-C240-M4S
UCSC-UCSC-C240-M4S2
UCSC-UCSC-C240-M4SNEBS
UCSC-UCSC-C240-M4SX
UCSC-UCSC-BASE-M2-C460
UCSC-UCSC-C22-M3L
UCSC-UCSC-C220-M3L
UCSC-UCSC-C220-M3S
UCSC-UCSC-C240-M3L
UCSC-UCSC-C240-M3S
UCSC-UCSC-C420-M3
UCSC-UCSC-C460-M4
UCSC-UCSC-C460-M4-CH
UCSC-UCSC-C22-M3S
UCSC-UCSC-C24-M3S
N1000-N1K-1110-S
N1000-N1K-1110-X
DELVHW-MDE-1125-K9
DELVHW-MDE-3125-K9
CAAPL-CAAPL-CSPC-L-V1-K9
THRGD-TG5000-K9
THRGD-TG5500-K9
SER1CISE-SNS-3415-K9
SER1CISE-SNS-3495-K9
CSMGR-CSM4-UCS2-50-K9
PS-CPS-UCS-1RU-K9
PS-CPS-UCS-2RU-K9
