Cisco IP Phone Detection

Medium Nessus Network Monitor Plugin ID 3771

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The administrative page of the Cisco IP Phone is available via an embedded web server. Unfortunately, the web server gives away critical information that an attacker can use to gain access to the VoIP device. This information includes, but is not limited to, user accounts, passwords, TFTP servers, network addresses, and phone line information. An attacker exploiting this flaw would be able to elevate access on the VoIP devices and possibly gain control of the devices.

Solution

Use ACLs to ensure that only trusted administrators can access the administrative GUI.

Plugin Details

Severity: Medium

ID: 3771

Family: Web Servers

Published: 2006/10/03

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: Medium