|
| TC: | 12036 | |
| Description: | The remote CISCO router has no VTY(telnet) password set. This allows an attacker to gather the information about your network, and possibly make it unreachable, if the 'Enable' password is not set either. | |
| TC Impact: | Gather Info | |
| Service: | telnet |
| Vulnerability Publication: | N.A. | |
| Advisory Copyright: | N.A. | |
| Summary: | A remote attacker can access into your network without authorization. | |
| Risk: | High | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial | |
| CVSS 2.0 Base Score: | 7.5 |
| Vulnerability Impact: |
Gather Info |
|---|
| Host Impact: | Gather information. | |
| Nature of Remediation: | Change the configuration. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Update Configuration ***** Set a password for the telnet service. Check references for more details. |
| References: | ||
| * MISC: http://www.debianadmin.com/howto-setup-cisco-router-auxiliaryconsole-and-telnet-passwords.html * MISC: http://articles.techrepublic.com.com/5100-6350-1052540.html * CONFIRM: Telnet Password on Cisco Router to Avoid Error Message Configuration Example http://www.cisco.com/warp/public/63/config-telnet.pdf |
| CVE Link: |
CVE-1999-0508 |
 |
|---|
| Glossary: |
CISCO Password |
|---|