Описание
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
Ссылки
- Third Party Advisory
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Permissions Required
- Third Party Advisory
- Third Party Advisory
- Vendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Permissions Required
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2cx:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2cy:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ios:12.3bc:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.0251
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
почти 4 года назад
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
EPSS
Процентиль: 85%
0.0251
Низкий
9.3 Critical
CVSS2
Дефекты
NVD-CWE-noinfo