Cisco’s Unified Communications Domain Manager platform has a default, static password for an account that carries root privileges. The vulnerability affects versions of the software prior to 4.4.5 and the company said there are no workarounds for it. An attacker who is able to find a vulnerable device would be able to connect to it over SSH and gain complete control of the device. A year ago, Cisco said that the same UCDM product included a default private SSH key that is stored insecurely.
Source: https://threatpost.com/cisco-ucdm-platform-ships-with-default-static-password/113591/