Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-7095


Vulnerability Score 7.8 7.8
CVE Id CVE-2008-7095
Last Modified 28 Aug 2009 12:00:00
Published 27 Aug 2009 02:30:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



The SNMP daemon in ArubaOS in Aruba Mobility Controller does not restrict SNMP access, which allows remote attackers to (1) read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName ( or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName ( with knowledge of one community string, and (2) read SNMPv3 user names via SNMP-USER-BASED-SM-MIB or SNMP-VIEW-BASED-ACM-MIB.

Vulnerable Systems

Operating System

  • Arubanetworks Arubaos


BID - 32102

BUGTRAQ - 20081104 Aruba Mobility Controller SNMP Community String Disclosure

OSVDB - 51916

Last Updated: 27 May 2016 10:49:28