3Com Superstack 3 Switch Multiple Default Accounts

High Nessus Plugin ID 10747


The remote switch has accounts with default passwords set.


The 3Com Superstack 3 switch has the default passwords set.

The attacker could use these default passwords to gain remote access to your switch and then reconfigure the switch. These passwords could also be potentially used to gain sensitive information about your network from the switch.


Set a strong password for the accounts.

Plugin Details

Severity: High

ID: 10747

File Name: 3com_switches.nasl

Version: $Revision: 1.24 $

Type: remote

Family: Misc.

Published: 2001/08/29

Modified: 2013/12/16

Risk Information

Risk Factor: High


Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Excluded KB Items: global_settings/supplied_logins_only

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2002/09/12

Exploitable With

Metasploit (SNMP Community Scanner)

Reference Information

CVE: CVE-1999-0508

OSVDB: 620