Cisco Resource Manager (CRM) 1.1 and previous versions creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco resource manager |