Cisco uBR10012 Series Devices SNMP Vulnerability - Cisco Systems

This script is (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Cisco uBR10012 series devices automatically enable Simple Network
Management Protocol (SNMP) read/write access to the device if
configured for linecard redundancy. This can be exploited by an
attacker to gain complete control of the device. Only Cisco uBR10012
series devices that are configured for linecard redundancy are

Cisco has released free software updates that address this
vulnerability. Workarounds that mitigate this vulnerability are

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 49027 (cisco-sa-20080924-ubrhttp.nasl)

Bugtraq ID: 31355

CVE ID: CVE-2008-3807