PT-2006-5693 · Cisco · Cisco Ios
Ryan Giobbi
·
Published
2006-09-23
·
Updated
2017-10-11
·
CVE-2006-4950
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco IOS versions 12.2 through 12.4 before 20060920
Description
The issue allows remote attackers to gain read-write access via a hard-coded
cable-docsis community string and read or modify arbitrary SNMP variables, due to incorrect identification of DOCSIS support.Recommendations
For Cisco IOS versions 12.2 through 12.4 before 20060920, consider changing the hard-coded
cable-docsis community string to prevent unauthorized access until a patch is available. Restrict access to SNMP variables to minimize the risk of exploitation.Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Cisco Ios