cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
252
Views
0
Helpful
2
Replies

About Security Vulnerability....

hyukin.kwon
Level 1
Level 1

Hi all,

I have many Cat3524 Switches, Version is IOS (tm) C3500xl Software (C3500xl-C3H2S-M), Version 12.0(5)WC5, RELEASE SOFTWARE (fc1)

Suddenly, The Vlan 1 IP address and the enable password is changed . Someone might change the configuration. The other curios thing is that kind of things happend only on Cat 3524 switch.

My point is " Is there any vulnerability on Cat3524 , especially on IOS 12.0(5) ?"

Thanks in advance...

2 Replies 2

Prashanth Krishnappa
Cisco Employee
Cisco Employee

I have not come across such a vulnerability or a bug. I would think somebody/some script changed the configuration.

madnos
Level 1
Level 1

Hello,

Are you using the default SNMP community strings on the switch? If so the RW sting can be used to change the config and the re-apply it to the switch.

Also, you should not use VLAN1 because of attackers being able to VLAN hop from lower VLANs to VLAN1.

Just a couple of things to think about.

HTH

Tim

Review Cisco Networking for a $25 gift card