Cisco IP Phone Detection
Medium Nessus Network Monitor Plugin ID 3771
Synopsis
The remote host may give an attacker information useful for future attacks.

Description
The administrative page of the Cisco IP Phone is available via an embedded web server. Unfortunately, the web server gives away critical information that an attacker can use to gain access to the VoIP device. This information includes, but is not limited to, user accounts, passwords, TFTP servers, network addresses, and phone line information. An attacker exploiting this flaw would be able to elevate access on the VoIP devices and possibly gain control of the devices.

Solution
Use ACLs to ensure that only trusted administrators can access the administrative GUI.