Someone's palm is digging a hole into their face at Cisco, which has just admitted it shipped a bunch of servers with the wrong default password.
“A number of C-Series servers have shipped to customers with a non-standard default password which prevents access to the Cisco Integrated Management Controller (CIMC) unless the configured password is provided,” the Borg says in a new Field Notice.
More ReadingCisco forgets to ship management software with security appliancesServing up IT on a silver platter, also known as ITSMCisco admins gear up for a late night – hardcoded password in wireless points nukedCisco starts 2016 with a spring in its step, pours cash into SpringpathThe Register guide to software-defined infrastructure
Kit made between between November 17, 2015 and January 6, 2016 was misconfigured. If you get one and try to get it working with Cisco's default admin password – “password” – you'll look like a very silly sysadmin indeed.
The fault is all Cisco's: for reasons it's not explaining, the firm instead set the default password to “Cisco1234”.
The solution to the problem is therefore very simple: just use “Cisco1234”. Then change it to something else before every script kiddie in the known universe tries to crack your UCS boxen.
The fault is no threat to anything other than your pride, but as there are likely lots of servers with the problem sitting on shelves in distributors' and resellers' warehouses, there's plenty of opportunity to look foolish during what should be routine racking and stacking sessions. ®