02-05-2013 06:03 AM - edited 03-18-2019 12:32 AM
Apparently the password of the admin account is reset to default = empty after upgrading the MCU from v4.3 to v4.4_3.42.
This behaviour is not documented in the release notes.
For me this is a security issue.
02-05-2013 07:32 AM
Admin password stayed for me. However I did rename the admin user itself to something else than default though,
02-06-2013 04:01 AM
Hi,
This should not happen under normal circumstances and I am also not aware of any bug opened for this issue.
Can you replicate this issue and raise a TAC case for it if the issue still persist? If this is the case I would recommend sending to us the confrguration.xml file so we can replicate the issue and the exact sw versions that you are using,
Regards
Cristian
02-07-2013 09:25 PM
I had this happen on two seperate MCU's, however both were running with the factory default username/password combo. After the upgrade they were both changed to blank, I haven't attempted to reproduce it if the admin password has been altered from the factory default before doing the upgrade.
02-11-2013 03:53 AM
I could reproduce this problem on a 4501 MCU. After upgrade the password was reset to default = empty...
Unfortunately I do not have time to open a TAC case for this.
Is there a way to open a security advisory with TAC case?
rgds, Geert Folens
02-11-2013 04:11 AM
HI,
In order for to be able to reproduce it can you please let me know the previous sw version that you were using_ we can give it a try in our lab.
Also can you send me the configuration file ? ( you can send this to crisalex@cisco.com)
Regards
Cristian
02-11-2013 04:19 AM
The MCU was runing: codian_mcu4500_4.3_2.18 before the upgrade.
02-11-2013 04:49 AM
Thanks Gert,
Not able to replicate this so far ( I have tried it on an 4505 unit ( I do not have an 4501 unit available but it's very unlikely this to be a hardware related issue )
Can you please send me your config file ? ( use crisalex@cisco.com)
PS : do you use any special characters in the password that I should be aware of ?
Regards
02-12-2013 03:26 AM
HI Gert,
I would be very much intrested to replicate this issue.
Kindly asked if possible to send me your config file
Regards
02-12-2013 03:37 AM
Hi,
I have also observed this, the workaround i used was backup config>>upgrade>>Reload config.
Hope this helps
Jamie
02-12-2013 07:24 AM
Would you be happy to send me your config file before the upgrade? My email is katcurri@cisco.com .
We haven't managed to produce the exact issue you describe.
Thanks,
Katrina
02-17-2013 12:03 AM
02-17-2013 04:16 PM
Just wanted to say we upgraded some 45xx, 8420, 8510 from 4.3 to 4.4 without any issues,
containing only the ascii charset as passwords.
Would be interesting to know which MCUs and which kind of passwords were used when it failed.
Please remember to rate helpful responses and identify
02-22-2013 03:56 AM
The bug that Cristian mentioned is now customer viewable and available on the bug toolkit, you can find it at CSCue55386
Hopefully this will help everyone with this issue.
Regards,
Katrina
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide