Cisco 6400 NRP2 Unauthenticated Telnet Access (CSCdt65960)

high Nessus Plugin ID 10981

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) module allows Telnet access when no password has been set. The correct response is to disallow any remote access to the module until the password has been set. This vulnerability may result in users gaining unintended access to secure systems.

This vulnerability is documented as Cisco bug ID CSCdt65960.

Solution

http://www.nessus.org/u?63852177

Plugin Details

Severity: High

ID: 10981

File Name: CSCdt65960.nasl

Version: 1.20

Type: local

Family: CISCO

Published: 6/5/2002

Updated: 6/27/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: SNMP/community, SNMP/sysDesc, CISCO/model

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 6/14/2001

Reference Information

CVE: CVE-2001-0757

BID: 2874