Vulnerability Description
Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Virtual Central Office 4000 | <= 5.1.3 |
References
- http://www.atstake.com/research/advisories/2000/a102600-1.txtPatchVendor Advisory
- http://www.securityfocus.com/bid/1885ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5425
- http://www.atstake.com/research/advisories/2000/a102600-1.txtPatchVendor Advisory
- http://www.securityfocus.com/bid/1885ExploitPatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5425
FAQ
What is CVE-2000-0955?
CVE-2000-0955 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain p...
How severe is CVE-2000-0955?
CVE-2000-0955 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2000-0955?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Virtual Central Office 4000.