Detections
Analytics

Cisco Catalyst Switches NMSP Port Information Disclosure Vulnerability (cisco-sa-20160413-nms)

medium Nessus Plugin ID 90766

Language:

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

The remote Cisco Catalyst switch is affected by an information disclosure vulnerability in IOS due to a failure by the Network Mobility Services Protocol (NMSP) daemon to require authentication.
A remote attacker can exploit this, via a request to the NMSP port, to gain version information about the software release running on the device, which can be used to facilitate further attacks.

Solution

Apply the relevant update referenced in Cisco Security Advisory cisco-sa-20160413-nms.

See Also

http://www.nessus.org/u?a2687cb1

Plugin Details

Severity: Medium

ID: 90766

File Name: cisco-sa-20160413-nms.nasl

Version: 1.7

Type: remote

Family: CISCO

Published: 4/27/2016

Updated: 6/26/2020

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 1.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2016-1378

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Required KB Items: Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 11/19/2014

Vulnerability Publication Date: 4/13/2016

Reference Information

CVE: CVE-2016-1378

CISCO-SA: cisco-sa-20160413-nms

IAVB: 2016-B-0075-S

CISCO-BUG-ID: CSCum62591