Computer Security
[EN] securityvulns.ru no-pyccku


HP/H3C / Huawei equipment information leakage
Published:28.10.2012
Source:
SecurityVulns ID:12667
Type:remote
Threat Level:
5/10
Description:Information leakage via SNMP.
CVE:CVE-2012-3268 (Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei Firewall/Gateway, Router, Switch, and Wireless products do not properly implement access control as defined in h3c-user.mib 2.0 and hh3c-user.mib 2.0, which allows remote authenticated users to discover credentials in UserInfoEntry values via an SNMP request with the read-only community.)
Original documentdocumentHP, [security bulletin] HPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information (28.10.2012)
 documentKurt Grutzmacher, HP/H3C and Huawei SNMP Weak Access to Critical Data (28.10.2012)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod