{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2016-15058", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2026-04-03T21:50:15.953Z", "datePublished": "2026-04-03T21:59:07.731Z", "dateUpdated": "2026-04-07T14:17:23.799Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-03T21:59:07.731Z"}, "title": "Hirschmann HiLCOS Classic Platform Password Exposure via SNMP", "descriptions": [{"lang": "en", "value": "Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is enabled. Attackers with local network access can sniff SNMP traffic or extract configuration data to recover plaintext credentials and gain unauthorized administrative access to the switches."}], "datePublic": "2016-12-19T00:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-257", "description": "CWE-257: Storing Passwords in a Recoverable Format", "type": "CWE"}]}], "affected": [{"vendor": "Belden", "product": "Hirschmann HiLCOS Classic Platform", "versions": [{"status": "unaffected", "version": ">= 09.0.06", "versionType": "custom"}, {"status": "unaffected", "version": ">= 05.3.07", "versionType": "custom"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "09.0.05"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "05.3.06"}], "defaultStatus": "affected"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "version": "3.1", "baseSeverity": "HIGH", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "ADJACENT", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.4, "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"}}], "references": [{"url": "https://assets.belden.com/m/1d8273c6205dc400/original/Security-Bulletin-Password-Sync-SNMP-v1-v2-BSECV-2016-12.pdf", "tags": ["vendor-advisory"]}, {"url": "https://www.kb.cert.org/vuls/id/507216"}, {"url": "https://www.vulncheck.com/advisories/hirschmann-hilcos-classic-platform-password-exposure-via-snmp", "tags": ["third-party-advisory"]}], "source": {"discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-07T14:17:16.881399Z", "id": "CVE-2016-15058", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T14:17:23.799Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2016-15058", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-04-07T14:17:16.881399Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-07T14:17:20.441Z"}}], "cna": {"title": "Hirschmann HiLCOS Classic Platform Password Exposure via SNMP", "source": {"discovery": "EXTERNAL"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.4, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Belden", "product": "Hirschmann HiLCOS Classic Platform", "versions": [{"status": "unaffected", "version": ">= 09.0.06", "versionType": "custom"}, {"status": "unaffected", "version": ">= 05.3.07", "versionType": "custom"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "09.0.05"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "05.3.06"}], "defaultStatus": "affected"}], "datePublic": "2016-12-19T00:00:00.000Z", "references": [{"url": "https://assets.belden.com/m/1d8273c6205dc400/original/Security-Bulletin-Password-Sync-SNMP-v1-v2-BSECV-2016-12.pdf", "tags": ["vendor-advisory"]}, {"url": "https://www.kb.cert.org/vuls/id/507216"}, {"url": "https://www.vulncheck.com/advisories/hirschmann-hilcos-classic-platform-password-exposure-via-snmp", "tags": ["third-party-advisory"]}], "descriptions": [{"lang": "en", "value": "Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is enabled. Attackers with local network access can sniff SNMP traffic or extract configuration data to recover plaintext credentials and gain unauthorized administrative access to the switches."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-257", "description": "CWE-257: Storing Passwords in a Recoverable Format"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2026-04-03T21:59:07.731Z"}}}, "cveMetadata": {"cveId": "CVE-2016-15058", "state": "PUBLISHED", "dateUpdated": "2026-04-07T14:17:23.799Z", "dateReserved": "2026-04-03T21:50:15.953Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2026-04-03T21:59:07.731Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Hirschmann HiLCOS Classic Platform switches Classic L2E, L2P, L3E, L3P versions prior to 09.0.06 and Classic L2B prior to 05.3.07 contain a credential exposure vulnerability where user passwords are synchronized with SNMPv1/v2 community strings and transmitted in plaintext when the feature is enabled. Attackers with local network access can sniff SNMP traffic or extract configuration data to recover plaintext credentials and gain unauthorized administrative access to the switches."}], "id": "CVE-2016-15058", "lastModified": "2026-04-07T13:20:55.200", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "disclosure@vulncheck.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "ADJACENT", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2026-04-03T22:16:24.563", "references": [{"source": "disclosure@vulncheck.com", "url": "https://assets.belden.com/m/1d8273c6205dc400/original/Security-Bulletin-Password-Sync-SNMP-v1-v2-BSECV-2016-12.pdf"}, {"source": "disclosure@vulncheck.com", "url": "https://www.kb.cert.org/vuls/id/507216"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/hirschmann-hilcos-classic-platform-password-exposure-via-snmp"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-257"}], "source": "disclosure@vulncheck.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[09.0.06,*]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "semver", "value": "[05.3.07,*]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,09.0.05]"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,05.3.06]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Hirschmann HiLCOS Classic Platform", "source": "cna", "vendor": "Belden"}, "product": "hirschmann_hilcos_classic_platform", "vendor": "belden"}], "analysis": {"en": {"generated_at": "2026-04-04T01:25:54.193700+00:00", "value": {"mitigation_remediation": ["Upgrade the device firmware to version 09.0.06 (or newer) for L2E/L2P/L3E/L3P or 05.3.07 (or newer) for L2B.", "Disable the SNMPv1/v2 community string password synchronization feature if an upgrade is not immediately possible.", "Restrict SNMP traffic to trusted management hosts and block SNMP on untrusted network segments.", "Monitor SNMP logs for unusual authentication activity and conduct periodic network packet captures to verify that password strings are not transmitted in clear text."], "summary": {"action": "Patch Immediately", "impact": "Administrative Access"}, "threat_synthesis": {"affected_systems": "The flaw affects Belden Hirschmann HiLCOS Classic Platform switches, specifically Classic L2E, L2P, L3E, L3P releases before version 09.0.06 and Classic L2B releases before version 05.3.07. These models forward all configured passwords as SNMP community string values when the feature is enabled.", "description_and_impact": "The vulnerability arises when user passwords are synchronized with SNMPv1/v2 community strings and sent over the network in clear text. An attacker who can monitor the local network or read configuration files can capture these strings, decode the plaintext credentials, and then use them to achieve unauthorized administrative access to the device. The weakness exemplified by CWE\u2011257 allows a legitimate credential to be exposed by design, undermining authentication controls.", "risk_and_exploitability": "The vulnerability scores 8.4 on the CVSS base metric, indicating high severity, and it is not listed in the CISA KEV catalog. EPSS data is not published. The exploitation path requires local network access; an attacker must be able to sniff SNMP traffic or extract the device configuration. Once the attack is executed, the attacker gains full administrative rights. While remote exploitation is unlikely, any compromised local network segment poses a significant risk for routine SNMP traffic."}}}}, "created": "2026-04-06T21:22:17.314463+00:00", "updated": "2026-04-06T22:21:54.684534+00:00", "vendors": ["belden", "belden$PRODUCT$hirschmann_hilcos_classic_platform"]}