Cisco IP Phone default SNMP community strings
cisco-ipphone-default-snmp (23067)
Description:
Cisco IP Phone has default public and private SNMP (Simple Network Management Protocol) community strings that cannot be changed by the user. This could allow a remote attacker to view, modify, or delete device configuration using the SNMP service.
Platforms Affected:
- Cisco, 7920 Wireless IP Phone 1.0(8)
Remedy:
Upgrade to the latest fixed firmware version or apply the appropriate workaround, as listed in Cisco Security Advisory: cisco-sa-20051116-7920. See References.
Consequences:
Gain Access
References:
- cisco-sa-20051116-7920, Cisco Security Advisory: Fixed SNMP Communities and Open UDP Port in Cisco 7920 Wireless IP Phone at http://www.cisco.com/en/US/products/products_security_advisory09186a00805777cb.shtml.
- BID-15454: Cisco 7920 Wireless IP Phone Fixed SNMP Community String Vulnerability
- CVE-2005-3803: Cisco IP Phone (VoIP) 7920 1.0(8) contains certain hard-coded (fixed) public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information.
- OSVDB ID: 20966: Cisco 7920 Wireless IP Phone Persistent Default SNMP Strings
- SA17604: Cisco Wireless IP Phone Two Vulnerabilities
- SECTRACK ID: 1015232: Cisco 7920 Wireless IP Phone Grants Remote Users SNMP Access, Discloses Debugging Information, and Lets Remote Users Deny Service
Reported:
Nov 16, 2005
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net
