Cisco Unified CDM software contains a privileged account with a static password that cannot be changed, by using it an attacker can control the platform. The exploitation of the vulnerability is easy and can lead to the hacking of the platform and data it manages. Cisco scored the severity of the flaw as 10, which is the highest possible severity score, the Common Vulnerability Scoring System Base Score. The vulnerability occurs because a default and static password is created at installation and cannot be. changed or deleted without impacting the functionality of the system.”]
Source: http://securityaffairs.co/wordpress/38323/hacking/cisco-unified-cdm-vulnerability.html