ID de Prueba:	1.3.6.1.4.1.25623.1.0.106527
Categoría:	CISCO
Título:	Cisco IOx Software Information Disclosure Vulnerability (cisco-sa-20170118-ios)
Resumen:	A vulnerability in the web-based management interface of Cisco; IOx Software could allow an unauthenticated, remote attacker to view confidential information that; is displayed without authenticating to the device.
Descripción:	Summary: A vulnerability in the web-based management interface of Cisco IOx Software could allow an unauthenticated, remote attacker to view confidential information that is displayed without authenticating to the device. Vulnerability Insight: The vulnerability is due to lack of proper input validation of the HTTP URL being requested. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted device. Vulnerability Impact: An exploit could allow the attacker to view confidential information that should only be visible to authenticated users to the device. The attacker could use this information to conduct additional reconnaissance attacks. Solution: See the referenced vendor advisory for a solution. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3805 BugTraq ID: 95644 http://www.securityfocus.com/bid/95644 http://www.securitytracker.com/id/1037654
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.