- Description
- Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:12.2bc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A3EF2531-3E6B-4FDC-B96B-2BC3F8EAF39A"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2cx:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4BA2D6E-FD22-4BFD-B8B4-D6542E173C72"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2cy:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78B9E2C6-0E23-4AC9-906F-28BBC15868DB"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCC88CC5-CF58-48A3-AFB6-FD38E5F40845"
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3bc:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40183EF8-BD19-49AD-9E55-7FCCA635327F"
}
],
"operator": "OR"
}
]
}
]