CVE-2010-2976

Name of the Vulnerable Software and Affected Versions Cisco Unified Wireless Network (UWN) Solution versions 7.x through 7.0.98.0

Description The issue concerns default settings in the Cisco Unified Wireless Network (UWN) Solution that could facilitate remote access. Specifically, it involves default SNMP community strings and default values for SNMP v3 credentials. These defaults include a read-only community string of public, a read-write community string of private, and default values of default for the SNMP v3 username, SNMP v3 authentication password, and SNMP v3 privacy password. This could make it easier for attackers to gain access remotely.

Recommendations For Cisco Unified Wireless Network (UWN) Solution versions 7.x through 7.0.98.0, change the default SNMP community strings and update the SNMP v3 credentials to unique, secure values. Specifically, modify the SNMP v3 username, SNMP v3 authentication password, and SNMP v3 privacy password from their default values to strong, custom settings. Additionally, consider restricting access to SNMP services to minimize the risk of exploitation.