The salt is put on top of the password string. That means it's quite easy to make a rainbow table for it or simply try every possibilities. You see the importance in storing the configuration file in a secure manner (with an access control and an encryption) when the configuration file is stored out of the box. Remember, there is no mechanism protecting passwords from a massive amount of attempt.
Decrypting Cisco type 5 password hashes
25-GPU cluster cracks every standard Windows password in <6 hours