PT-2018-15354 · Zoom · Zoom
Capitan Alfalo
·
Publicado
2018-12-23
·
Atualizado
2019-10-03
·
CVE-2018-20401
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Zoom 5352 version 5.5.8.6Y
Description
The issue allows remote attackers to discover credentials via specific SNMP requests, including
iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0.Recommendations
For Zoom 5352 version 5.5.8.6Y, consider restricting access to the SNMP service to minimize the risk of exploitation. As a temporary workaround, limit the use of the affected SNMP requests until a patch is available.
Exploit
Correção
Insufficiently Protected Credentials
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Zoom