Main
Vulnerability Database
Exploits
ID:60 - Exploit for Information disclosure in ePMP - CVE-2017-7922
ID:60 - Exploit for Information disclosure in ePMP - CVE-2017-7922
Published: March 18, 2020
Vulnerability identifier: #VU7134
Vulnerability risk: Low
CVE-ID: CVE-2017-7922
CWE-ID: CWE-269
Exploitation vector: Remote access
Vulnerable software:
ePMP
ePMP
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.
The weakness exists due to improper restriction of the privileges for SNMP community strings. A remote attacker can gain access to sensitive information and possibly change configuration.
Successful exploitation of the vulnerability results in information disclosure.
Remediation
Update to version 3.4-RC7 or later.