Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Industrial Ethernet 3000 switches unauthorized access
Published:11.07.2010
Source:
SecurityVulns ID:10980
Type:remote
Threat Level:
5/10
Description:Undeletable SNMP communities public and private.
Affected:CISCO : Cisco Industrial Ethernet 3000
CVE:CVE-2010-1574 (IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589.)
Original documentdocumentCISCO, Cisco Security Advisory: Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability (11.07.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod