Executive Summary
Summary | |
---|---|
Title | Cisco Wireless LAN Controller Default Simple Network Management Protocol Community Strings |
Informations | |||
---|---|---|---|
Name | cisco-sa-20180418-wlc | First vendor Publication | 2018-04-18 |
Vendor | Cisco | Last vendor Modification | 2018-04-18 |
Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : | |||
---|---|---|---|
Cvss Base Score | N/A | Attack Range | N/A |
Cvss Impact Score | N/A | Attack Complexity | N/A |
Cvss Expoit Score | N/A | Authentication | N/A |
Calculate full CVSS 2.0 Vectors scores |
Detail
With new installations of Cisco Wireless LAN Controller Software, the installation scripts create default community strings for Simple Network Management Protocol (SNMP) Version 2 (SNMPv2) and default usernames for SNMP Version 3 (SNMPv3), both allowing for read and write access. As documented in the Cisco Wireless LAN Controller Configuration Best Practices guide ["https://www.cisco.com/c/en/us/td/docs/wireless/technology/wlc/8-5/82463-wlc-config-best-practice.html#pgfId-379998"], the SNMP configuration should either be changed or disabled depending on the environmental requirements. If the default community strings and usernames are not changed or disabled, the system is open for read and write access through SNMP. This advisory is available at the following link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wlc ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wlc"] BEGIN PGP SIGNATURE iQJ5BAEBAgBjBQJa1276XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczAQgQAIXIS3KwSm+TsjyCDMgbtlYE/aJt 7xDswMo0PdcXallp6GoY8/ggYi44AGbPbHCDkAq/sX/eztEGUfkpOZFhjXQ3cD3J uSZfqzZsT6qK6DNhG+Rdp278n9Ag3Olij6/B9GbbRsZsoxAcrYFixvR0NKf0aNHP 3cSt3JFmrPF8gmthmZTvRJrU7Qc6Mnn3g1I9uiohbnzJ+fkMamsMET138m9+gUEY BGRIE5PL0fV0qQxG9w4P+0GIqlgwFu//0DiOL6sKRLBybaePNDpXvZqW4l9TotUP /xVVG0R5AkyqvBksWimgmU6zERE6IiN4+5EXQ45tQPtzLmnbRWweyjvWd81CyVFE ZU31yf9Uf2kBNbkTKbNoXg0CozRJV/+3EgqpM446joOfOmNaBSfCAjKcYOSRnV9B Hbj2r1rW6POfOiB1lphIQFRQQcj3/bfRz3ns/VluxkJalFa3siH4B0yW8GYM25Bx IwHpiGeGjrSCrk2BqGXUqQMmU8dIZxUp/ALZFRPDQmYRw0bd1dx+tpIc0ezIV668 LSodIkp+/LvPIy11HQeIgmfMywL7Ff+uYrZVgccuEXDrRABBfgEVDdtFq0bJuXOt Vj7iyti3L5Th4TwbQavBL0ji7pL5LS4ODLKnk1DQU1u1wrXc9pExzOub3xyYMqke ThXIqnKuIGALM/uA =1lWx END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
Alert History
Date | Informations |
---|---|
2018-04-18 21:18:30 |
|