
Cisco IP Phone Detection

Medium

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The administrative page of the Cisco IP Phone is available via an embedded web server. Unfortunately, the web server gives away critical information that an attacker can use to gain access to the VoIP device. This information includes, but is not limited to, user accounts, passwords, TFTP servers, network addresses, and phone line information. An attacker exploiting this flaw would be able to elevate access on the VoIP devices and possibly gain control of the devices.

Solution

Use ACLs to ensure that only trusted administrators can access the administrative GUI.
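An added example, not part of the original advisory: a small first-match evaluator for IOS-style extended ACL rules that checks which source addresses can still reach a phone's web server, comparing a mis-ordered rule set with a corrected one. The subnets, the phone address, TCP port 80 and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed addressing (assumptions): phones 10.20.0.0/16, admins 10.10.50.0/24,
# phone web server on TCP 80. Rules use an IOS-style extended-ACL subset.
WEAK_ACL = """permit ip any any
deny tcp any 10.20.0.0 0.0.255.255 eq 80"""
HARDENED_ACL = """permit tcp 10.10.50.0 0.0.0.255 10.20.0.0 0.0.255.255 eq 80
deny tcp any 10.20.0.0 0.0.255.255 eq 80
permit ip any any"""

def _take_addr(tokens):
    """Consume 'any' or 'ADDR WILDCARD'; return (address, wildcard) as ints."""
    if tokens[0] == "any":
        del tokens[0]
        return 0, 0xFFFFFFFF
    addr, wild = (int(ipaddress.IPv4Address(t)) for t in tokens[:2])
    del tokens[:2]
    return addr, wild

def parse_acl(text):
    """Parse each non-empty line into (action, proto, src, dst, port)."""
    rules = []
    for tokens in (line.split() for line in text.splitlines() if line.strip()):
        action, proto = tokens[:2]
        del tokens[:2]
        src, dst = _take_addr(tokens), _take_addr(tokens)
        port = int(tokens[1]) if tokens[:1] == ["eq"] else None
        rules.append((action, proto, src, dst, port))
    return rules

def _match(ip, spec):
    addr, wild = spec  # wildcard bits set to 1 are "don't care"
    return (int(ipaddress.IPv4Address(ip)) | wild) == (addr | wild)

def allowed(rules, src_ip, dst_ip, dport, proto="tcp"):
    """First matching rule wins; no match means the implicit final deny."""
    for action, r_proto, src, dst, port in rules:
        if (r_proto in ("ip", proto) and _match(src_ip, src)
                and _match(dst_ip, dst) and port in (None, dport)):
            return action == "permit"
    return False

def web_ui_exposure(acl_text, sources, phone="10.20.1.15"):
    """Return the source addresses that can reach the phone's web UI."""
    rules = parse_acl(acl_text)
    return [s for s in sources if allowed(rules, s, phone, 80)]
```

In the weak rule set the broad permit comes first, so the deny below it never matches and every source reaches the web server; the corrected order leaves only the administrator subnet able to connect.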