CVE-2026-22054
HighCVSS 8.8Exploitation Probability (EPSS)
Low risk15th percentile - higher than 15% of all known CVEs
Summary
The vulnerability in Active IQ Config Advisor 6.7.3 stems from hard-coded credentials, allowing an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.
Risk Assessment
The organization faces the risk of unauthorized access to AutoSupport functions, potentially leading to data leakage or disruption of technical support operations.
Recommendation
It is recommended to immediately update Active IQ Config Advisor to the latest version and remove or change default credentials in the configuration.
Original NVD description (English source)
Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations.

