Cisco IOS Software Command Security Bypass (cisco-sa-20120328-pai)
Severity: High
Nessus Plugin ID: 58570

Synopsis
The remote device is missing a vendor-supplied security patch.
Description
According to its self-reported version and configuration, the Cisco IOS software running on the remote device is affected by a security bypass vulnerability in the Authentication, Authorization, and Accounting (AAA) feature. An authenticated, remote attacker can exploit this over an HTTP or HTTPS session to bypass access restrictions and execute any IOS command that is configured for the authorization level. Exploitation requires that the HTTP or HTTPS server be enabled on the Cisco IOS device; a device with both servers disabled is not exposed to this issue.
Solution
Apply the relevant fixed release referenced in Cisco Security Advisory cisco-sa-20120328-pai. As a workaround, disable the HTTP server; because the vulnerability is reachable over HTTP or HTTPS, the HTTPS (secure) server must be disabled as well for the workaround to be effective.
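The following is an added example, not text from the Nessus plugin or the Cisco advisory, showing how to verify the condition the plugin keys on (an enabled HTTP or HTTPS server on the device) and how to apply the workaround from the IOS command line. The hostname "Router" and the running-config excerpt shown as command output are constructed for illustration.

```cisco
! Added example (not from the Nessus plugin or the Cisco advisory).
! Hostname "Router" and the config lines shown as output are constructed.
!
! 1. Check what the scanner compares against: the IOS release string and
!    whether either web server is present in the running configuration.
Router# show version | include IOS Software
Router# show running-config | include ip http
ip http server
ip http secure-server
ip http authentication aaa
!
! 2. Workaround: disable both servers. The issue is reachable over HTTP
!    or HTTPS, so removing only "ip http server" still leaves the HTTPS
!    listener in place.
Router# configure terminal
Router(config)# no ip http server
Router(config)# no ip http secure-server
Router(config)# end
Router# write memory
!
! 3. Confirm the workaround took effect before rescanning.
Router# show running-config | include ip http
Router# show ip http server status
```

Disabling both servers also removes any web-based management of the device (for example, browser-based device managers that rely on the IOS HTTP server), so schedule the change accordingly; the permanent fix remains upgrading to a fixed release from the advisory.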