Fixed Public and Private SNMP Community Strings in Cisco IP Phone 7920 by Cisco
CVE-2005-3803

7.5HIGH

Key Information:

Vendor

Cisco
Status
7920 Wireless Ip Phone
Vendor
CVE Published:
24 November 2005

What is CVE-2005-3803?

The Cisco IP Phone 7920 version 1.0(8) is impacted by a vulnerability due to hard-coded public and private SNMP community strings. These strings, which are fixed and cannot be modified, allow unauthorized remote attackers to gain access to sensitive information through SNMP queries, potentially compromising the confidentiality of the system.

References

http://securitytracker.com/id?1015232
vdb-entryx_refsource_SECTRACK
http://www.osvdb.org/20966
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/17604/
third-party-advisoryx_refsource_SECUNIA

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.