PT-1999-1748 · 3Com · 3Com Superstack Ii Hub

Published

1999-08-30

Updated

2016-10-18

CVE-1999-1513

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: 3Com SuperStack II hub version 2.10

Description: The Management information base (MIB) for the 3Com SuperStack II hub contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string. This object identifier lists the entire table of community strings, which could allow attackers to conduct unauthorized activities.

Recommendations: For version 2.10, restrict access to the object identifier .1.3.6.1.4.1.43.10.4.2 to prevent unauthorized disclosure of community strings. Consider changing the read-only community string to a more secure value to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-1999-1513

Affected Products

3Com Superstack Ii Hub

PT-1999-1748 · 3Com · 3Com Superstack Ii Hub

CVE-1999-1513

Related Identifiers

Affected Products

References · 2