CVE-2010-1574
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589.
IOS v12.2(52)SE y v12.2(52)SE1 en switches Cisco Industrial Ethernet (IE) 3000 series tiene (1) un nombre de comunidad público con acceso RO y (2) un nombre de comunidad privado de acceso RW, lo que hace más fácil para los atacantes remotos modificar la configuración u obtener información sensible a través de peticiones SNMP, también conocido como Bug ID CSCtf25589.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-04-27 CVE Reserved
- 2010-07-08 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://osvdb.org/66120 | Vdb Entry | |
| http://securitytracker.com/id?1024173 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/732671 | Third Party Advisory |
|
| http://www.securityfocus.com/bid/41436 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2010/1754 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/60145 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/40407 | 2017-08-17 | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3891f.shtml | 2017-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(52\)se Search vendor "Cisco" for product "Ios" and version "12.2\(52\)se" | - |
Affected
| in | Cisco Search vendor "Cisco" | Industrial Ethernet 3000 Search vendor "Cisco" for product "Industrial Ethernet 3000" | * | - |
Affected
|
| Cisco Search vendor "Cisco" | Ios Search vendor "Cisco" for product "Ios" | 12.2\(52\)se1 Search vendor "Cisco" for product "Ios" and version "12.2\(52\)se1" | - |
Affected
| in | Cisco Search vendor "Cisco" | Industrial Ethernet 3000 Search vendor "Cisco" for product "Industrial Ethernet 3000" | * | - |
Affected
|