Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.10264
Category:SNMP
Title:Report default community names of the SNMP Agent
Summary:Simple Network Management Protocol (SNMP) is a protocol; which can be used by administrators to remotely manage a computer or network device. There; are typically 2 modes of remote SNMP monitoring. These modes are roughly 'READ' and 'WRITE'; (or PUBLIC and PRIVATE).
Description:Summary:
Simple Network Management Protocol (SNMP) is a protocol
which can be used by administrators to remotely manage a computer or network device. There
are typically 2 modes of remote SNMP monitoring. These modes are roughly 'READ' and 'WRITE'
(or PUBLIC and PRIVATE).

Vulnerability Impact:
If an attacker is able to guess a PUBLIC community string,
they would be able to read SNMP data (depending on which MIBs are installed) from the remote
device. This information might include system time, IP addresses, interfaces, processes
running, etc.

If an attacker is able to guess a PRIVATE community string (WRITE or 'writeall'
access), they will have the ability to change information on the remote machine.
This could be a huge security hole, enabling remote attackers to wreak complete
havoc such as routing network traffic, initiating processes, etc. In essence,
'writeall' access will give the remote attacker full administrative rights over
the remote machine.

Note that this test only gathers information and does not attempt to write to
the remote device. Thus it is not possible to determine automatically whether
the reported community is public or private.

Also note that information made available through a guessable community string
might or might not contain sensitive data. Please review the information
available through the reported community string to determine the impact of this
disclosure.

Solution:
Determine if the detected community string is a private
community string. Determine whether a public community string exposes sensitive information.
Disable the SNMP service if you don't use it or change the default community string.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-1999-0472
Bugtraq: Apr7,1999 (Google Search)
XForce ISS Database: netcache-snmp
Common Vulnerability Exposure (CVE) ID: CVE-1999-0516
Common Vulnerability Exposure (CVE) ID: CVE-1999-0517
Common Vulnerability Exposure (CVE) ID: CVE-1999-0792
http://www2.merton.ox.ac.uk/~security/rootshell/0022.html
Common Vulnerability Exposure (CVE) ID: CVE-2000-0147
BugTraq ID: 973
http://www.securityfocus.com/bid/973
NAI Advisory: 20000207 SNMPD default writable community string (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2000-02/0045.html
SCO Security Bulletin: SB-00.04a
ftp://ftp.sco.com/SSE/security_bulletins/SB-00.04a
Common Vulnerability Exposure (CVE) ID: CVE-2001-0380
Bugtraq: 200103 ILMI community in olicom/crosscomm routers (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2001-03/0364.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5718
Common Vulnerability Exposure (CVE) ID: CVE-2001-0514
BugTraq ID: 2896
http://www.securityfocus.com/bid/2896
ISS Security Advisory: 20010620 Multiple Vendor 802.11b Access Point SNMP authentication flaw
http://xforce.iss.net/alerts/advise83.php
XForce ISS Database: atmel-vnetb-ap-snmp-security(6576)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6576
Common Vulnerability Exposure (CVE) ID: CVE-2001-1210
BugTraq ID: 3758
http://www.securityfocus.com/bid/3758
Bugtraq: 20011230 Possible security problem with Cisco ubr900 series routers (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2001-12/0297.html
http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0002.html
http://www.iss.net/security_center/static/7806.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-0109
BugTraq ID: 3795
http://www.securityfocus.com/bid/3795
BugTraq ID: 3797
http://www.securityfocus.com/bid/3797
Bugtraq: 20020106 Linksys 'routers', SNMP issues (Google Search)
http://marc.info/?l=bugtraq&m=101039288111680&w=2
http://www.iss.net/security_center/static/7827.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-0478
BugTraq ID: 4330
http://www.securityfocus.com/bid/4330
Bugtraq: 20020320 Default SNMP configuration issue with Foundry Networks EdgeIron 4802F (Google Search)
http://marc.info/?l=bugtraq&m=101666425609914&w=2
http://www.iss.net/security_center/static/8592.php
Common Vulnerability Exposure (CVE) ID: CVE-2002-1229
BugTraq ID: 5965
http://www.securityfocus.com/bid/5965
Bugtraq: 20021015 Undocumented account vulnerability in Avaya P550R/P580/P880/P882 (Google Search)
http://marc.info/?l=bugtraq&m=103470243012971&w=2
CERT/CC vulnerability note: VU#482241
http://www.kb.cert.org/vuls/id/482241
http://www.iss.net/security_center/static/10374.php
Common Vulnerability Exposure (CVE) ID: CVE-2004-1474
BugTraq ID: 11237
http://www.securityfocus.com/bid/11237
Bugtraq: 20040922 Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products (Google Search)
http://marc.info/?l=bugtraq&m=109588376426070&w=2
CERT/CC vulnerability note: VU#173910
http://www.kb.cert.org/vuls/id/173910
http://www.osvdb.org/10206
http://secunia.com/advisories/12635
XForce ISS Database: symantec-default-snmp(17471)
https://exchange.xforce.ibmcloud.com/vulnerabilities/17471
Common Vulnerability Exposure (CVE) ID: CVE-2004-1775
BugTraq ID: 5030
http://www.securityfocus.com/bid/5030
CERT/CC vulnerability note: VU#645400
http://www.kb.cert.org/vuls/id/645400
Cisco Security Advisory: 20041008 Cisco IOS Software Multiple SNMP Community String Vulnerabilities
http://www.cisco.com/warp/public/707/ios-snmp-community-vulns-pub.shtml
XForce ISS Database: cisco-snmp-vacm(6179)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6179
Common Vulnerability Exposure (CVE) ID: CVE-2004-1776
CERT/CC vulnerability note: VU#840665
http://www.kb.cert.org/vuls/id/840665
XForce ISS Database: cisco-ios-cable-docsis(6180)
https://exchange.xforce.ibmcloud.com/vulnerabilities/6180
Common Vulnerability Exposure (CVE) ID: CVE-2011-0890
BugTraq ID: 46981
http://www.securityfocus.com/bid/46981
HPdes Security Advisory: HPSBMA02647
http://marc.info/?l=bugtraq&m=130082163516878&w=2
HPdes Security Advisory: SSRT100383
http://securitytracker.com/id?1025239
http://securityreason.com/securityalert/8163
http://www.vupen.com/english/advisories/2011/0755
XForce ISS Database: hp-discovery-snmp-info-disclosure(66242)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66242
Common Vulnerability Exposure (CVE) ID: CVE-2012-4964
CERT/CC vulnerability note: VU#281284
http://www.kb.cert.org/vuls/id/281284
Common Vulnerability Exposure (CVE) ID: CVE-2014-4862
CERT/CC vulnerability note: VU#259548
http://www.kb.cert.org/vuls/id/259548
https://community.rapid7.com/community/metasploit/blog/2014/08/21/more-snmp-information-leaks-cve-2014-4862-and-cve-2014-4863
Common Vulnerability Exposure (CVE) ID: CVE-2014-4863
CERT/CC vulnerability note: VU#855836
http://www.kb.cert.org/vuls/id/855836
Common Vulnerability Exposure (CVE) ID: CVE-2016-1452
BugTraq ID: 91756
http://www.securityfocus.com/bid/91756
Cisco Security Advisory: 20160713 Cisco ASR 5000 Series SNMP Community String Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160713-asr
http://www.securitytracker.com/id/1036298
Common Vulnerability Exposure (CVE) ID: CVE-2016-5645
BugTraq ID: 92428
http://www.securityfocus.com/bid/92428
https://ics-cert.us-cert.gov/advisories/ICSA-16-224-01
Common Vulnerability Exposure (CVE) ID: CVE-2017-7922
BugTraq ID: 99083
http://www.securityfocus.com/bid/99083
https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01
Common Vulnerability Exposure (CVE) ID: CVE-2020-5364
https://www.dell.com/support/security/en-us/details/543775/DSA-2020-124-Dell-EMC-Isilon-OneFS-Security-Update-for-Multiple-Vulnerabilities
Common Vulnerability Exposure (CVE) ID: CVE-1999-0186
Sun Security Bulletin: 00178
XForce ISS Database: snmp-backdoor-access
Common Vulnerability Exposure (CVE) ID: CVE-1999-0254
ISS Security Advisory: Hidden SNMP community in HP OpenView
XForce ISS Database: hpov-hidden-snmp-comm
Common Vulnerability Exposure (CVE) ID: CVE-2004-0311
BugTraq ID: 9681
http://www.securityfocus.com/bid/9681
Bugtraq: 20040216 APC 9606 SmartSlot Web/SNMP management card "backdoor" (Google Search)
http://marc.info/?l=bugtraq&m=107703696631367&w=2
Bugtraq: 20040219 Re: Fw: APC 9606 SmartSlot Web/SNMP management card "backdoor" (Google Search)
http://marc.info/?l=bugtraq&m=107721020803565&w=2
XForce ISS Database: apc-smartslot-default-password(15238)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15238
Common Vulnerability Exposure (CVE) ID: CVE-2006-4950
BugTraq ID: 20125
http://www.securityfocus.com/bid/20125
CERT/CC vulnerability note: VU#123140
http://www.kb.cert.org/vuls/id/123140
Cisco Security Advisory: 20060920 DOCSIS Read-Write Community String Enabled in Non-DOCSIS Platforms
http://www.cisco.com/warp/public/707/cisco-sa-20060920-docsis.shtml
http://www.osvdb.org/29034
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5665
http://securitytracker.com/id?1016899
http://secunia.com/advisories/21974
http://www.vupen.com/english/advisories/2006/3722
XForce ISS Database: ios-docsis-default-snmp(29054)
https://exchange.xforce.ibmcloud.com/vulnerabilities/29054
Common Vulnerability Exposure (CVE) ID: CVE-2010-1574
BugTraq ID: 41436
http://www.securityfocus.com/bid/41436
CERT/CC vulnerability note: VU#732671
http://www.kb.cert.org/vuls/id/732671
Cisco Security Advisory: 20100707 Hard-Coded SNMP Community Names in Cisco Industrial Ethernet 3000 Series Switches Vulnerability
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3891f.shtml
http://osvdb.org/66120
http://securitytracker.com/id?1024173
http://secunia.com/advisories/40407
http://www.vupen.com/english/advisories/2010/1754
XForce ISS Database: cisco-industrial-snmp-unauth-access(60145)
https://exchange.xforce.ibmcloud.com/vulnerabilities/60145
Common Vulnerability Exposure (CVE) ID: CVE-2010-2976
Common Vulnerability Exposure (CVE) ID: CVE-2016-1473
BugTraq ID: 92710
http://www.securityfocus.com/bid/92710
Cisco Security Advisory: 20160831 Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-sps3
http://www.synacktiv.com/ressources/advisories_cisco_switch_sg220_default_snmp.pdf
http://www.securitytracker.com/id/1036711
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.