|
Family: SNMP --> Category: infos
SNMP VACM Vulnerability Scan
Vulnerability Scan Summary Enumerates communities via SNMP
Detailed Explanation for this Vulnerability Test
Synopsis :
The SNMP private community strings can be retrieved using SNMP.
Description :
It is possible to obtain the remote private community strings using
the View-Based Access Control MIB of the remote Cisco router.
A possible hacker may use this flaw to gain read/write SNMP access
on this router.
Solution :
Disable the SNMP service on the remote host if you do not use it,
or filter incoming UDP packets going to this port or install Cisco
patch.
http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|