Detections
Analytics

Cisco Smart Install Detection

info Nessus Plugin ID 105161

Language:

Synopsis

The Cisco Smart Install feature is enabled on the remote host.

Description

The Cisco Smart Install (SMI) feature is enabled on the remote host.
If the SMI Client role enabled, it is subject to protocol misuse, which could allow an unauthenticated, remote attacker to:

 - Substitute the switch's startup-config file with a file that the attacker prepared and force a reload of the switch after a defined time interval.

 - Load the attacker-supplied IOS image onto the switch.

 - Execute high-privilege configuration mode CLI commands on the switch, including do-exec CLI commands.

 - Copy arbitrary files from the switch to the attacker-controlled TFTP server.

Solution

Disable the Smart Install feature if not needed.

See Also

http://www.nessus.org/u?bc0b0179

Plugin Details

Severity: Info

ID: 105161

File Name: cisco_smartinstall_detect.nbin

Version: 1.56

Type: remote

Published: 12/12/2017

Updated: 3/19/2024

Configuration: Enable thorough checks

Asset Inventory: true

Hardware Inventory: true

OS Identification: true

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/o:cisco:ios

Reference Information