CVE-2008-3807

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.2 and 12.3 on Cisco uBR10012 series devices

Description The issue allows remote attackers to obtain administrative access by guessing the SNMP community and sending SNMP requests. This is because the read/write SNMP service is enabled with a default community string private when linecard redundancy is configured.

Recommendations For Cisco IOS versions 12.2 and 12.3 on Cisco uBR10012 series devices, change the default SNMP community string private to a secure string to prevent unauthorized access. Consider disabling the SNMP service if it is not necessary for operations.