CVE-2013-5558

critical

Published 2013-11-08 · Modified 2026-04-29

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

The WIL-A module in Cisco TelePresence VX Clinical Assistant 1.2 before 1.21 changes the admin password to an empty password upon a reboot, which makes it easier for remote attackers to obtain access via the administrative interface, aka Bug ID CSCuj17238.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca

Application impact

Vendor	Product	Versions	Fixed
cisco	telepresence_vx_clinical_assistant	`1.2`

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131106-tvxca

CWEs

CWE-255

Verify integrity in audit chain (admin only). AS-IS.