Vulnerabilities > CVE-2004-1775 - Unspecified vulnerability in Cisco IOS

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
cisco
nessus

Summary

Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.

Nessus

  • NASL familyCISCO
    NASL idCISCO-SA-20010228-IOS-SNMP-COMMUNITYHTTP.NASL
    descriptionMultiple Cisco IOS Software and CatOS software releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices. To remove the vulnerabilities, Cisco is offering free software upgrades for all affected platforms. The defects are documented in DDTS records CSCds32217, CSCds16384, CSCds19674, CSCdr59314, CSCdr61016, and CSCds49183. In addition to specific workarounds for each vulnerability, affected systems can be protected by preventing SNMP access.
    last seen2020-06-01
    modified2020-06-02
    plugin id48952
    published2010-09-01
    reporterThis script is (C) 2010-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/48952
    titleCisco IOS Software Multiple SNMP Community String Vulnerabilities - Cisco Systems
  • NASL familySNMP
    NASL idSNMP_VACM.NASL
    descriptionIt is possible to obtain the remote private community strings using the View-Based Access Control MIB (VACM) of the remote Cisco router. An attacker may use this flaw to gain read/write SNMP access on this router. Note that a value in this table does not necessarily mean that an instance with the value exists in table vacmAccessTable. The SNMP private community string(s) returned may only allow read access.
    last seen2020-06-01
    modified2020-06-02
    plugin id10688
    published2001-06-15
    reporterThis script is Copyright (C) 2001-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/10688
    titleCisco CatOS VACM read-write Community String Device Configuration Manipulation