Cisco IOS router online help vulnerability leaks sensitive information

Source: Internet
Author: User

Affected Systems:
Cisco IOS 9.14
Cisco IOS 12.0.7
Cisco IOS 12.0.6
Cisco IOS 12.0.5
Cisco IOS 12.0.4T
Cisco IOS 12.0.4S
Cisco IOS 12.0.4
Cisco IOS 12.0.3T2
Cisco IOS 12.0.2XG
Cisco IOS 12.0.2XF
Cisco IOS 12.0.2XD
Cisco IOS 12.0.2XC
Cisco IOS 12.0.2
Cisco IOS 12.0.1XE
Cisco IOS 12.0.1XB
Cisco IOS 12.0.1XA3
Cisco IOS 12.0.1W
Cisco IOS 12.0 T
Cisco IOS 12.0 S
Cisco IOS 12.0DB
Cisco IOS 12.0 (9) S
Cisco IOS 12.0 (8)
Cisco IOS 12.0 (7) T
Cisco IOS 12.0 (5) T1
Cisco IOS 12.0
Cisco IOS 11.2.9XA
Cisco IOS 11.2.9P
Cisco IOS 11.2.8SA5
Cisco IOS 11.2.8SA3
Cisco IOS 11.2.8SA1
Cisco IOS 11.2.8P
Cisco IOS 11.2.8
Cisco IOS 11.2.4F1
Cisco IOS 11.2.10BC
Cisco IOS 11.2.10
Cisco IOS 11.2 P
Cisco IOS 11.2 (17)
Cisco IOS 11.2
Cisco IOS 11.1.17CT
Cisco IOS 11.1.17CC
Cisco IOS 11.1.16IA
Cisco IOS 11.1.16AA
Cisco IOS 11.1.16
Cisco IOS 11.1.15CA
Cisco IOS 11.1.13IA
Cisco IOS 11.1.13CA
Cisco IOS 11.1.13AA
Cisco IOS 11.1.13
Cisco IOS 11.1
Cisco Router 7500.0
Cisco Router 7200.0
Cisco Router 4000.0
Cisco Router 3600.0
Cisco Router 2600.0
Cisco Router 2500.0

Description: The online help system in many Cisco IOS router releases can expose sensitive information. The vulnerability allows a low-privilege user (for example, one who does not know the 'enable' password) to view information that should only be available to users who know the 'enable' password, including the access control lists. Normally, after logging in as a low-level (level 1) user, typing "show ?" lists only a subset of the show commands; the 'enable' user sees the full list. On a Cisco 3640 running IOS 12.0(5) there are 75 show commands, and in 'disable' mode "show ?" displays only some of them. However, the help system merely hides the others from the listing: the commands still exist and can be executed. Only 13 of them are actually restricted; the remaining 62 are still executable. For example, "show access-lists", "show ip", "show cdp", "show logging" and "show vlans" are not listed by the help system but can still be run, which can leak sensitive information to low-level users (or potential attackers).

Suggestion:
- Set the default login privilege level to 0 (level 0 only contains disable, enable, exit, help and logout).
- Use "privilege exec level 0 <command>" to explicitly grant the few commands that level 0 users are permitted to execute, rather than relying on what "show ?" does or does not list.
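The two suggestions above, worked through as an IOS configuration fragment. This is an added example and not configuration from the original advisory; the host name, the local user name `noc`, the placeholder secrets, and the choice of which read-only commands to allow at level 0 are assumptions. The level 15 lines for the commands the advisory names are an extra safeguard so that they stay restricted even for a session that somehow lands at level 1; `show vlans` only exists on images with VLAN support, so drop that line if the parser rejects it.

```ios
! Added example for a Cisco IOS router; not part of the original advisory.
! Host name, user name and secrets below are placeholders.
hostname R1
!
! 'enable secret' guards level 15; the per-user secret guards login.
enable secret <level15-password>
!
! Default exec level for interactive sessions is 0, so a freshly logged-in
! user gets only: disable, enable, exit, help, logout.
line con 0
 privilege level 0
 login local
line vty 0 4
 privilege level 0
 login local
!
! Local operator account kept at level 0. Note that a 'username ... privilege N'
! value overrides the line's 'privilege level' when 'login local' is used.
username noc privilege 0 secret <noc-password>
!
! Explicitly grant the handful of read-only commands level 0 users may run.
! Lowering a leaf command also lowers the keywords on its path ('show', 'show ip'),
! but only the listed leaves become executable.
privilege exec level 0 show version
privilege exec level 0 show interfaces
privilege exec level 0 show ip route
privilege exec level 0 ping
!
! Pin the commands the advisory names to level 15 so they are unavailable
! below enable mode regardless of what the help listing shows.
privilege exec level 15 show access-lists
privilege exec level 15 show logging
privilege exec level 15 show cdp
privilege exec level 15 show vlans
```

To verify, log in as `noc` and run `show privilege`; it should report level 0. `show version` then works, while `show access-lists` is rejected with `% Invalid input detected at '^' marker.` just as an unknown command would be, and `show ?` lists only the granted leaves. Repeat the check from a level 1 session (for example `enable 1` from a level 0 prompt, if level 1 has a secret configured) to confirm the level 15 pins hold there too.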

Article entry: csh responsible editor: csh
