CVE-2008-3807

2008-09-2616:21:44

[email protected]

web.nvd.nist.gov

cisco

ios

ubr10012

snmp

vulnerability

cve-2008-3807

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.4 Medium

AI Score

Confidence

Low

0.008 Low

EPSS

Percentile

81.5%

JSON

Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with “private” as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.

Affected configurations

NVD

Node

ciscoiosMatch12.2bc

ciscoiosMatch12.2cx

ciscoiosMatch12.2cy

ciscoiosMatch12.2xf

ciscoiosMatch12.3bc

CPENameOperatorVersion
cisco:ioscisco ioseq12.2bc
cisco:ioscisco ioseq12.2cx
cisco:ioscisco ioseq12.2cy
cisco:ioscisco ioseq12.2xf
cisco:ioscisco ioseq12.3bc