CVE Daily

CVE-2021-33903

In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing ...

High CVSS 8.8

Overview

In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, changing the password of the root user via the CLI does not change the password of the root user for SNMPv3 access. (However, changing the password of the root user via LANconfig does change the password of the root user for SNMPv3 access.)

CWE: N/A Published: 2021-10-07T15:15:10.593
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.8 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags