Executive Summary

Summary
Title Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability
Informations
Name cisco-sa-20100707-snmp First vendor Publication 2010-04-08
Vendor Cisco Last vendor Modification 2010-07-07
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Cisco Industrial Ethernet 3000 (IE 3000) Series switches running Cisco IOS Software releases 12.2(52)SE or 12.2(52)SE1, contain a vulnerability where well known SNMP community names are hard-coded for both read and write access. The hard-coded community names are "public" and "private."

Cisco recommends that all administrators deploy the mitigation measures outlined in the Workarounds section or perform a Cisco IOS Software upgrade.

Cisco has released free software updates that address this vulnerability.

Workarounds that mitigate this vulnerability are available.

Original Source

Url : http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1
Os 2

Open Source Vulnerability Database (OSVDB)

Id Description
66120 Cisco IOS on Industrial Ethernet 3000 Hardcoded SNMP Community Names

Nessus® Vulnerability Scanner

Date Description
2002-11-25 Name : The community names of the remote SNMP server can be guessed.
File : snmp_default_communities.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2013-05-11 00:42:38
  • Multiple Updates