Belden · Belden Hirschmann Classic Platform Switches · CVE-2016-2509
**Name of the Vulnerable Software and Affected Versions**
Belden Hirschmann Classic Platform switches L2B versions prior to 05.3.07
Belden Hirschmann Classic Platform switches L2E, L2P, L3E, and L3P versions prior to 09.0.06
**Description**
The password-sync feature sets an SNMP community to the same string as the administrator `password`, allowing remote attackers to obtain sensitive information by sniffing the network.
**Recommendations**
For L2B versions prior to 05.3.07, update to version 05.3.07 or later to resolve the issue.
For L2E, L2P, L3E, and L3P versions prior to 09.0.06, update to version 09.0.06 or later to resolve the issue.