Vulnerabilities > CVE-2004-1776 - Unspecified vulnerability in Cisco IOS 12.1(3)/12.1(3)T
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN cisco
nessus
Summary
Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 2 |
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20010228-IOS-SNMP-COMMUNITYHTTP.NASL |
| description | Multiple Cisco IOS Software and CatOS software releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices. To remove the vulnerabilities, Cisco is offering free software upgrades for all affected platforms. The defects are documented in DDTS records CSCds32217, CSCds16384, CSCds19674, CSCdr59314, CSCdr61016, and CSCds49183. In addition to specific workarounds for each vulnerability, affected systems can be protected by preventing SNMP access. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 48952 |
| published | 2010-09-01 |
| reporter | This script is (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/48952 |
| title | Cisco IOS Software Multiple SNMP Community String Vulnerabilities - Cisco Systems |