Lucene search

[email protected]CVE-2000-0955

HistoryDec 19, 2000 - 5:00 a.m.

CVE-2000-0955

2000-12-1905:00:00

[email protected]

web.nvd.nist.gov

cisco

vco/4k

weak encryption

snmp mib

cve-2000-0955

password cracking

privilege gain

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.4%

JSON

Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.

Affected configurations

NVD

Node

ciscovirtual_central_office_4000Range≤5.1.3

CPENameOperatorVersion
cisco:virtual_central_office_4000cisco virtual central office 4000le5.1.3

CPE	Name	Operator	Version
cisco:virtual_central_office_4000	cisco virtual central office 4000	le	5.1.3

References

www.atstake.com/research/advisories/2000/a102600-1.txt

www.securityfocus.com/bid/1885

exchange.xforce.ibmcloud.com/vulnerabilities/5425

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for CVE-2000-0955

nvd1 cvelist1