← Back

CVE-2017-7922

nvd nist
Published: Jun 21, 2017Modified: May 13, 2026

JSON object

Loading...
7.6
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Exploitability: 2.8 / Impact: 4.7
Source: NVD

Description

An Improper Privilege Management issue was discovered in Cambium Networks ePMP. The privileges for SNMP community strings are not properly restricted, which may allow an attacker to gain access to sensitive information and possibly allow for configuration changes.

Affected (4)

Cambium Networks
4 products
Epmp 1000 Firmware
Epmp Elevate Firmware
Epmp 2000 Firmware
Epmp 1000 Hotspot Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Epmp 1000 Firmware
All versions
Running on/withPlatform Versions
Cambium Networks
Epmp 1000
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Epmp Elevate Firmware
All versions
Running on/withPlatform Versions
Cambium Networks
Epmp Elevate
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Epmp 2000 Firmware
All versions
Running on/withPlatform Versions
Cambium Networks
Epmp 2000
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Epmp 1000 Hotspot Firmware
All versions
Running on/withPlatform Versions
Cambium Networks
Epmp 1000 Hotspot
All versions

Related CWEs

CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (4)

Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: ics-cert@hq.dhs.gov
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryUS Government Resource

Timeline

No history available yet.