Cisco Information for VU#976280

Multiple networking devices allow SNMP objects to be viewed/modified via ILMI community string

Status

Affected

Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

Cisco has released an advisory that provides a list of affected products, along with instructions for obtaining fixed software. Because there are many possible combinations of hardware and software configurations, the CERT/CC recommends that all users of IOS software consult the following Cisco Security Advisory:


It is important to note that the information leakage aspect of this vulnerability may affect any Cisco product whose IOS software includes ATM support, regardless of whether the product itself has the physical capability to include ATM interfaces. For further details, please consult the Cisco Security Advisory referenced above.

If you have feedback, comments, or additional information about this vulnerability, please send us email.