Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco IOS 配置错误漏洞
Vulnerability Description
Cisco IOS是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS 12.2 和 12.3版本存在配置错误漏洞,该漏洞源于在配置了线卡冗余的情况下,Cisco uBR10012系列设备需要与RF交换机通讯,这种通讯是基于SNMP的。如果Cisco uBR10012系列设备上启用了线卡冗余,还会以拥有读写权限的默认团体字符串private自动启用SNMP。由于对这个团体字符串没有访问限制,攻击者可以利用这个团体字符串完全控制设备。
CVSS Information
N/A
Vulnerability Type
N/A