Multiple HP products contain a flaw that may lead to unauthorized disclosure of a router user password. The issue arises because h3c-user.mib and hh3c-user.mib grant read-create access to the following objects within the (h)h3cUserInfoEntry sequence: (h)h3cUserName, (h)h3cUserPassword, (h)h3cAuthMode, and (h)h3cUserLevel. An attacker who has the SNMP public community string can view these entries. The (h)h3cUserPassword can be configured in a variety of ways, including cleartext, or stored using SHA-256. Support for SHA-256 is a relatively recent addition to routers, so many of the deployed devices may have passwords in plaintext.
Classification
Location: Remote / Network Access
Attack Type: Information Disclosure
Impact: Loss of Confidentiality
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: Vendor Verified
Solution
The vendor has released a patch to address this vulnerability. Check the vendor advisory or solution in the references section. There are no known workarounds or upgrades to correct this issue.
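The exposure described above depends on two configuration conditions: a guessable SNMP community string and user passwords stored in cleartext. The following added example (not part of the original entry or any vendor tooling) audits an exported device configuration for both. The Comware-style command syntax it matches (`snmp-agent community`, `snmp-agent sys-info version`, `local-user`, `password simple`) is an assumption, and the sample configuration is constructed.

```python
import re

# Constructed sample of an exported configuration (assumed Comware-style syntax).
SAMPLE_CONFIG = """\
snmp-agent
snmp-agent community read public
snmp-agent community write Xk29-ops-rw acl 2001
snmp-agent sys-info version all
local-user admin
 password simple Admin123
 authorization-attribute level 3
local-user netops
 password cipher $c$3$CONSTRUCTED-PLACEHOLDER
 authorization-attribute level 1
"""

DEFAULT_COMMUNITIES = {"public", "private"}
COMMUNITY_BASED_VERSIONS = {"all", "v1", "v2c"}


def audit_config(text):
    """Return (kind, detail) findings in file order; password values are never echoed."""
    findings = []
    user = None  # local-user block currently being read, if any
    for raw in text.splitlines():
        if raw and not raw[0].isspace():
            user = None  # an unindented line ends the previous local-user block
        line = raw.strip()
        m = re.match(r"snmp-agent community (read|write) (\S+)(.*)", line)
        if m:
            mode, name, rest = m.groups()
            if name.lower() in DEFAULT_COMMUNITIES:
                findings.append(("default-community", f"{mode}:{name}"))
            if not re.search(r"\bacl\s+\d+", rest):
                findings.append(("community-no-acl", f"{mode}:{name}"))
            continue
        m = re.match(r"snmp-agent sys-info version (.+)", line)
        if m and set(m.group(1).split()) & COMMUNITY_BASED_VERSIONS:
            findings.append(("snmp-v1v2c-enabled", m.group(1).strip()))
            continue
        m = re.match(r"local-user (\S+)", line)
        if m:
            user = m.group(1)
            continue
        # Assumption: "password simple" means the value is kept in cleartext.
        if user and re.match(r"password simple\s", line):
            findings.append(("cleartext-password", user))
    return findings
```

Any `cleartext-password` finding combined with a `default-community` finding marks a device where the user table is readable as described in this entry.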