CVE-1999-1513

Vulnerability

A management information base (MIB) object identifier (.1.3.6.1.4.1.43.10.4.2) in 3Com SuperStack II hubs running software version 2.10 [1] exposes the entire table of community strings (both read-only and read-write) to any SNMP read-only community query [1]. The OID decodes to the securityUserTable within the 3Com enterprise MIB [1]. No additional authentication or privileges beyond a valid read-only community string are required [1].

Exploitation

An attacker who knows or can guess a read-only SNMP community string for the affected hub can send a GET request targeting the OID .1.3.6.1.4.1.43.10.4.2 [1]. The device responds with the full list of configured community strings, including those with read-write access [1]. No special network position or user interaction is needed — standard SNMP query capabilities suffice [1].

Impact

Successful exploitation reveals all SNMP community strings configured on the device [1]. Armed with the read-write community string, the attacker can then reconfigure the hub, disrupt network operations, or pivot to further internal network attacks [1]. This leads to a complete compromise of the hub's SNMP-based management capabilities [1].

Mitigation

3Com did not release a patch or fix for this issue as of the publication date (August 1999) [1]. The vendor was notified through the Bugtraq mailing list but no official response was documented [1]. Affected users should restrict SNMP access to trusted hosts via firewalls or ACLs, use strong community strings, and consider upgrading to a newer device model if available [1]. This CVE is not currently listed in CISA's Known Exploited Vulnerabilities catalog.