Ceragon fibeair 4800 software engineering. The ceragon ethernet ring scope the description of ceragon ethernet ring in this chapter is completely generic.
Information about the position Software developer for embedded systems:
Our embedded SW department has been continuously growing for the last several years, and we are again looking for software developers to participate in development of advanced embedded applications. We are looking for software development engineers having a MSc. or equivalent background with interest in C/C++ programming, embedded systems and network technology.
For full job description, see announcement for 'SW Developer for Embedded Systems' at www.ceragon.com/careers.asp
Position demands: Education: M.Sc (Masters) or equivalent background
Wages: NOK 400 00 - 700 000 (app. ¿ 53 000 - 93 000) gross pr. year, depending on qualifications and experience
Housing/family: The employer will assist you to find housing and if you bring your family.
Application: Send short application and CV pr. E-mail to [email protected]. Diplomas and other papers must be brought if interview.
Work Regulations: Permanent, fulltime
Last application date: 9th of March 2012
Start date: As soon as possible
For more information: please call Jan Ove Skau, +47 55 22 55 32 / +47 911 81 998
NB: We don't want contact with sales-promoters
Our embedded SW department has been continuously growing for the last several years, and we are again looking for software developers to participate in development of advanced embedded applications. We are looking for software development engineers having a MSc. or equivalent background with interest in C/C++ programming, embedded systems and network technology.
For full job description, see announcement for 'SW Developer for Embedded Systems' at www.ceragon.com/careers.asp
Position demands: Education: M.Sc (Masters) or equivalent background
Wages: NOK 400 00 - 700 000 (app. ¿ 53 000 - 93 000) gross pr. year, depending on qualifications and experience
Housing/family: The employer will assist you to find housing and if you bring your family.
Application: Send short application and CV pr. E-mail to [email protected]. Diplomas and other papers must be brought if interview.
Work Regulations: Permanent, fulltime
Last application date: 9th of March 2012
Start date: As soon as possible
For more information: please call Jan Ove Skau, +47 55 22 55 32 / +47 911 81 998
NB: We don't want contact with sales-promoters
Overview
Ceragon FiberAir IP-10 Microwave Bridge contains a default root password.
Description
CWE-255:Credentials Management Ceragon FiberAir IP-10 Microwave Bridges contain a default root password. The root account can be accessed through ssh, telnet, command line interface, or via HTTP. The affected vendor, Ceragon, has provided the following statement: The FibeAir IP-10 products have an embedded Linux OS. The root password that is within the IP-10 products is a default password and can be changed by our customers in a simple manner. The existence of such a password is documented in the product user documentation, is highlighted to the customer post shipment, and it is recommended to be changed in accordance with common password management policies. Many of our customers have chosen to change the root password and that is based on information provided within the product documentation referring to capability and ways of changing all Admin privileges, as well as access to the Linux OS Shell. We would like to remind again, those customers who have not changed the default root password on their installed IP-10 devices are encouraged to contact your local Ceragon representative, who will assign a customer service expert to provide a means for quick and secure update of root password in multiple devices, simultaneously. |
Impact
A remote, unauthenticated attacker may be able to gain administrative privileges on the device. |
Solution
Change your Password Change any default passwords, and do not deploy without changing default passwords. Search engines such as Shodan can index systems exposed to the internet and default passwords are usually documented and well-known. It is often trivial for an attacker to identify and access systems on the internet using default passwords. |
Vendor Information
Affected Unknown Unaffected
Ceragon Networks Inc
Notified: October 27, 2014 Updated: January 13, 2015
Status
Affected
Vendor Statement
No statement is currently available from the vendor regarding this vulnerability.
Vendor Information
We are not aware of further vendor information regarding this vulnerability.
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | 10.0 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Temporal | 9.0 | E:F/RL:U/RC:UR |
Environmental | 6.8 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
Acknowledgements
Thanks to Jasper Greve for reporting this vulnerability.
This document was written by Chris King.
Other Information
CVE IDs: | CVE-2015-0924 |
Date Public: | 2015-01-16 |
Date First Published: | 2015-01-16 |
Date Last Updated: | 2015-01-21 15:06 UTC |
Document Revision: | 31 |