Filtered by vendor Arubanetworks
Subscribe
Search
Total
288 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-26968 | 1 Arubanetworks | 1 Airwave | 2021-03-10 | 3.5 LOW | 4.8 MEDIUM |
| A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface. | |||||
| CVE-2021-26971 | 1 Arubanetworks | 1 Airwave | 2021-03-10 | 6.5 MEDIUM | 6.3 MEDIUM |
| A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system leading to partial system compromise. | |||||
| CVE-2021-26678 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-03-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| A remote unauthenticated stored cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface of ClearPass could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the affected interface. | |||||
| CVE-2021-26681 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-03-01 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26683 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-27 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26684 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-27 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26682 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| A remote reflected cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the guest portal interface of ClearPass could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the portal. A successful exploit could allow an attacker to execute arbitrary script code in a victim’s browser in the context of the guest portal interface. | |||||
| CVE-2021-26686 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 5.5 MEDIUM | 6.5 MEDIUM |
| A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the web-based management interface API of ClearPass could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass instance. An attacker could exploit this vulnerability to obtain and modify sensitive information in the underlying database. | |||||
| CVE-2020-7120 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 4.6 MEDIUM | 5.3 MEDIUM |
| A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account. | |||||
| CVE-2021-26679 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-26680 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2021-02-26 | 9.0 HIGH | 7.2 HIGH |
| A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in the ClearPass web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | |||||
| CVE-2021-25141 | 2 Arubanetworks, Hpe | 30 Aruba 2530ya, Aruba 2530ya Firmware, Aruba 2530yb and 27 more | 2021-02-16 | 4.9 MEDIUM | 4.4 MEDIUM |
| A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability. | |||||
| CVE-2020-24638 | 1 Arubanetworks | 1 Airwave Glass | 2021-01-21 | 9.0 HIGH | 7.2 HIGH |
| Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system. | |||||
| CVE-2020-24639 | 1 Arubanetworks | 1 Airwave Glass | 2021-01-21 | 10.0 HIGH | 9.8 CRITICAL |
| There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system. | |||||
| CVE-2020-24640 | 1 Arubanetworks | 1 Airwave Glass | 2021-01-21 | 10.0 HIGH | 9.8 CRITICAL |
| There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system. | |||||
| CVE-2016-2031 | 1 Arubanetworks | 3 Airwave, Aruba Instant, Arubaos | 2020-11-10 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. | |||||
| CVE-2020-7127 | 1 Arubanetworks | 1 Airwave Glass | 2020-10-30 | 7.5 HIGH | 9.8 CRITICAL |
| A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
| CVE-2020-7125 | 1 Arubanetworks | 1 Airwave Glass | 2020-10-27 | 6.5 MEDIUM | 8.8 HIGH |
| A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
| CVE-2020-7126 | 1 Arubanetworks | 1 Airwave Glass | 2020-10-27 | 5.0 MEDIUM | 5.8 MEDIUM |
| A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
| CVE-2015-3655 | 1 Arubanetworks | 1 Clearpass | 2020-10-01 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token. | |||||
| CVE-2020-7119 | 1 Arubanetworks | 1 Analytics And Location Engine | 2020-09-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user. | |||||
| CVE-2019-5320 | 1 Arubanetworks | 12 2530, 2530 Firmware, 2540 and 9 more | 2020-09-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, 16.10.* before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code. | |||||
| CVE-2019-5314 | 1 Arubanetworks | 1 Arubaos | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. An attacker would be able to accomplish this by sending certain URL parameters that would trigger this vulnerability. | |||||
| CVE-2018-16417 | 2 Arubanetworks, Siemens | 3 Instant, W1750d, W1750d Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection. | |||||
| CVE-2018-7080 | 1 Arubanetworks | 9 203r, 203r Firmware, 203rp and 6 more | 2020-08-24 | 5.4 MEDIUM | 7.5 HIGH |
| A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986. | |||||
| CVE-2019-5323 | 1 Arubanetworks | 1 Airwave | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If conditions are met, an attacker can obtain command execution on the host. | |||||
| CVE-2019-5322 | 1 Arubanetworks | 14 2530 10\/100 Port, 2530 10\/100 Port Firmware, 2530 With Gigt Port and 11 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions. | |||||
| CVE-2018-7082 | 1 Arubanetworks | 1 Aruba Instant | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0 | |||||
| CVE-2018-7084 | 1 Arubanetworks | 1 Aruba Instant | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.1 | |||||
| CVE-2020-7115 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2020-07-08 | 10.0 HIGH | 9.8 CRITICAL |
| The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher. | |||||
| CVE-2020-7117 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2020-06-04 | 9.0 HIGH | 7.2 HIGH |
| The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher. | |||||
| CVE-2020-7114 | 1 Arubanetworks | 1 Clearpass | 2020-04-23 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. As a result of this attack, a possible complete cluster compromise might occur. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher. | |||||
| CVE-2020-7110 | 1 Arubanetworks | 1 Clearpass | 2020-04-22 | 3.5 LOW | 4.8 MEDIUM |
| ClearPass is vulnerable to Stored Cross Site Scripting by allowing a malicious administrator, or a compromised administrator account, to save malicious scripts within ClearPass that could be executed resulting in a privilege escalation attack. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher. | |||||
| CVE-2020-7111 | 1 Arubanetworks | 1 Clearpass | 2020-04-22 | 6.5 MEDIUM | 7.2 HIGH |
| A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. Resolution: Fixed in 6.7.13, 6.8.4, 6.9.0 and higher. | |||||
| CVE-2019-5326 | 1 Arubanetworks | 1 Airwave | 2020-03-03 | 6.5 MEDIUM | 7.2 HIGH |
| An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component. | |||||
| CVE-2016-2032 | 1 Arubanetworks | 3 Airwave, Aruba Instant, Arubaos | 2020-02-07 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. This interface listens on TCP port 15672 and 55672 | |||||
| CVE-2016-4401 | 1 Arubanetworks | 1 Clearpass | 2019-11-08 | 10.0 HIGH | 9.8 CRITICAL |
| Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. | |||||
| CVE-2017-13099 | 3 Arubanetworks, Siemens, Wolfssl | 4 Instant, Scalance W1750d, Scalance W1750d Firmware and 1 more | 2019-10-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." | |||||
| CVE-2018-7079 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2019-10-03 | 6.5 MEDIUM | 7.2 HIGH |
| Aruba ClearPass Policy Manager guest authorization failure. Certain administrative operations in ClearPass Guest do not properly enforce authorization rules, which allows any authenticated administrative user to execute those operations regardless of privilege level. This could allow low-privilege users to view, modify, or delete guest users. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix. | |||||
| CVE-2018-7066 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2019-10-03 | 9.3 HIGH | 9.0 CRITICAL |
| An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -> Network -> Devices -> CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix. | |||||
| CVE-2018-7081 | 1 Arubanetworks | 1 Arubaos | 2019-09-16 | 9.3 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code within the underlying operating system with full system privileges. Such an attack could lead to complete system compromise. The ability to transmit traffic to an IP interface on the mobility controller is required to carry out an attack. The attack leverages the PAPI protocol (UDP port 8211). If the mobility controller is only bridging L2 traffic to an uplink and does not have an IP address that is accessible to the attacker, it cannot be attacked. | |||||
| CVE-2019-5315 | 1 Arubanetworks | 1 Arubaos | 2019-09-16 | 9.0 HIGH | 7.2 HIGH |
| A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. This vulnerability only affects ArubaOS 8.x. | |||||
| CVE-2018-7064 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2019-05-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. An attacker could use this vulnerability to trick an IAP administrator into clicking a link which could then take administrative actions on the Instant cluster, or expose the session cookie for an administrative session. Workaround: Administrators should make sure they log out of the Aruba Instant UI when not actively managing the system, and should use caution clicking links from external sources while logged into the IAP administrative interface. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0 | |||||
| CVE-2018-7083 | 2 Arubanetworks, Siemens | 3 Aruba Instant, Scalance W1750d, Scalance W1750d Firmware | 2019-05-20 | 5.0 MEDIUM | 7.5 HIGH |
| If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0 | |||||
| CVE-2018-7063 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2019-02-05 | 6.8 MEDIUM | 8.1 HIGH |
| In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API and complete compromise of the ClearPass instance if an attacker knows of the existence of these accounts. | |||||
| CVE-2018-7065 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2019-02-05 | 6.5 MEDIUM | 7.2 HIGH |
| An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this vulnerability to gain access to "appadmin" credentials, leading to complete cluster compromise. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix. | |||||
| CVE-2018-7067 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2019-02-05 | 6.5 MEDIUM | 7.2 HIGH |
| A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. An authentication flaw in all versions of ClearPass could allow an attacker to compromise the entire cluster through a specially crafted API call. Network access to the administrative web interface is required to exploit this vulnerability. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix. | |||||
| CVE-2014-8368 | 1 Arubanetworks | 1 Airwave | 2018-12-20 | 9.0 HIGH | N/A |
| The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors. | |||||
| CVE-2014-8367 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2018-12-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) 6.2.x, 6.3.x before 6.3.6, and 6.4.x before 6.4.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2008-7095 | 1 Arubanetworks | 2 Aruba Mobility Controller, Arubaos | 2018-10-11 | 7.8 HIGH | N/A |
| The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does not restrict SNMP access, which allows remote attackers to (1) read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName (1.3.6.1.6.3.18.1.1.1.2) or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName (1.3.6.1.6.3.16.1.2.1.3) with knowledge of one community string, and (2) read SNMPv3 user names via SNMP-USER-BASED-SM-MIB or SNMP-VIEW-BASED-ACM-MIB. | |||||