Vulnerability Name:

CCN-17471

Published:2004-09-22
Updated:2004-09-22
Summary:Symantec Firewall/VPN Appliance hasa default "public" Simple Network Management Protocol (SNMP) community string. A remote attacker could use this vulnerability to obtain sensitive information and modify the device's configuration.
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: BugTraq Mailing List, Wed Sep 22 2004 - 13:50:12 CDT
Multiple Vulnerabilities in Symantec Enterprise Firewall/Gateway Security Products

Source: CCN
Type: Symantec Security Response SYM04-013
Symantec Enterprise Firewall/VPN and Gateway Security 300 Series Appliances Multiple Issues

Source: CCN
Type: BID-11237
Symantec Enterprise Firewall/VPN Appliance Multiple Remote Vulnerabilities

Source: XF
Type: UNKNOWN
symantec-default-snmp(17471)

Vulnerable Configuration:Configuration CCN 1:
  • cpe:/h:symantec:firewall_vpn_appliance_100:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:firewall_vpn_appliance_200:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:firewall_vpn_appliance_200r:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:gateway_security:360r:*:*:*:*:*:*:*
  • AND
  • cpe:/h:symantec:nexland_isb_soho_firewall_appliance:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:nexland_pro100_firewall_appliance:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:nexland_pro400_firewall_appliance:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:nexland_pro800_firewall_appliance:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:nexland_pro800turbo_firewall_appliance:*:*:*:*:*:*:*:*
  • OR cpe:/h:symantec:nexland_wavebase_firewall_appliance:*:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec firewall vpn appliance 100 *
    symantec firewall vpn appliance 200 *
    symantec firewall vpn appliance 200r *
    symantec gateway security 360r
    symantec nexland isb soho firewall appliance *
    symantec nexland pro100 firewall appliance *
    symantec nexland pro400 firewall appliance *
    symantec nexland pro800 firewall appliance *
    symantec nexland pro800turbo firewall appliance *
    symantec nexland wavebase firewall appliance *