Default Writable SNMP Community Names Vuln in Cisco Industrial Ethernet 3000 Series Switches

Cisco Industrial Ethernet 3000 (IE 3000) Series switches running IOS versions 12.2(52)SE or 12.2(52)SE1 have vulnerability where the SNMP “public” and “private” community names are hard-coded for both read and write access.

Vendor workaround and upgrade information is at the link below.

References:
http://www.cisco.com/warp/public/707/cisco-sa-20100707-snmp.shtml

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

Share

Leave a Reply