Cisco addresses a critical static credential flaw in Common Services Platform Collector

March 14, 2019

Cisco released security updates to address a critical flaw, tracked as CVE-2019-1723, that consists in the presence of a default account with a static password. The account hasn’t admin privileges, but it could be exploited by an unauthenticated attacker to gain remote access to the system.

The Cisco Common Services Platform Collector (CSPC) is a tool that collects information from Cisco devices installed on a network. The SNMP-based tool is used by both Smart Net Total Care (SmartNet) Network Collector and Partner Support Service (PSS) Network Collector.

Read More on Security Affairs