Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-3807

Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests.

Published

2008-09-26T16:21:44.237

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 9.3 (HIGH)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	cisco	ios	12.2bc	Yes
Operating System	cisco	ios	12.2cx	Yes
Operating System	cisco	ios	12.2cy	Yes
Operating System	cisco	ios	12.2xf	Yes
Operating System	cisco	ios	12.3bc	Yes

References

http://secunia.com/advisories/31990 Third Party Advisory ([email protected])
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014b1.shtml Vendor Advisory ([email protected])
http://www.securitytracker.com/id?1020941 Broken Link, Third Party Advisory, VDB Entry ([email protected])
http://www.vupen.com/english/advisories/2008/2670 Permissions Required ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5452 Third Party Advisory ([email protected])
http://secunia.com/advisories/31990 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a014b1.shtml Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1020941 Broken Link, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/2670 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5452 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)