Vulnerability Description
An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cambium Networks | Epmp 1000 Firmware | - |
| Cambium Networks | Epmp 1000 | - |
| Cambium Networks | Epmp Elevate Firmware | - |
| Cambium Networks | Epmp Elevate | - |
| Cambium Networks | Epmp 2000 Firmware | - |
| Cambium Networks | Epmp 2000 | - |
| Cambium Networks | Epmp 1000 Hotspot Firmware | - |
| Cambium Networks | Epmp 1000 Hotspot | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/99083Third Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01Third Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/99083Third Party AdvisoryUS Government Resource
- https://ics-cert.us-cert.gov/advisories/ICSA-17-166-01Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2017-7922?
CVE-2017-7922 is a vulnerability with a CVSS score of 7.6 (HIGH). An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sen...
How severe is CVE-2017-7922?
CVE-2017-7922 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-7922?
Check the references section above for vendor advisories and patch information. Affected products include: Cambium Networks Epmp 1000 Firmware, Cambium Networks Epmp 1000, Cambium Networks Epmp Elevate Firmware, Cambium Networks Epmp Elevate, Cambium Networks Epmp 2000 Firmware.