Cisco Prime Collaboration Assurance before 11.0 has a hardcoded cmuser account, which allows remote attackers to obtain access by establishing an SSH session and leveraging knowledge of this. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Cisco
Authentication Bypass
Prime Collaboration Assurance
NVD
CVSS 2.0
9.0
EPSS
0.6%