Cisco IOS SNMP May Expose Configuration

Reported February 28, 2001, by Cisco Systems.


All Cisco products using the Internetwork Operating System (IOS), including (but not limited to):

  • 800, 1000, 1005, 1400, 1600, 1700, 2500, 2600, 3600, MC3810, 4000, 4500, 4700, 6200, 6400 NRP, and 6400 NSP series Cisco routers

  • ubr900 and ubr920 universal broadband routers

  • Catalyst 2900 ATM, 2900XL, 2948g, 3500XL, 4232, 4840g, and 5000 RSFC series switches

  • 5200, 5300, and 5800 series access servers

  • Catalyst 6000 MSM, 6000 Hybrid Mode, 6000 Native Mode, 6000 Supervisor Module, and Catalyst ATM Blade

  • RSM, 7000, 7010, 7100, 7200, ubr7200, 7500, 10000 ESR, and 12000 GSR series Cisco routers

  • DistributedDirector

  • Catalyst 8510CSR, 8510MSR, 8540CSR, and 8540MSR series switches


A vulnerability exists in the Cisco IOS implementation of SNMP that allows access to configuration information on affected devices. By knowing the read-only SNMP community string, an intruder can gain access to configuration information on a read-only basis. By knowing the SNMP read-write community string, an intruder can make unauthorized configuration modifications.


Cisco has issued two notices regarding this vulnerability:

Customers can obtain a firmware upgrade through Cisco distribution channels.

Discovered by Cisco Systems.


Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.