Cisco IP/VC Devices Have Known Default SNMP Community Strings

Reported February 2, 2005 by Cisco Systems

VERSIONS AFFECTED


  • Cisco IPVC-3510-MCU

  • Cisco IPVC-3520-GW-2B

  • Cisco IPVC-3520-GW-4B

  • Cisco IPVC-3520-GW-2V

  • Cisco IPVC-3520-GW-4V

  • Cisco IPVC-3520-GW-2B2V

  • Cisco IPVC-3525-GW-1P

  • Cisco IPVC-3530-VTA

DESCRIPTION

The affected products contain hard-coded SNMP community strings, which could be used to gain access to the SNMP management and monitoring interface of the products.

VENDOR RESPONSE

Cisco has released an advisory which states that there is no patch available for the problem. The company suggests that administrators disable SNMP on affected devices. In cases where that is not possible administrators should block SNMP traffic to and from affected devices. More details and suggestions are available in the advisory.

CREDIT
Discovered by Cisco Systems

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish