Miembros de
Boletines de Vulnerabilidades |
Cisco Networking Services Sensitive Information Disclosure Vulnerability |
|
Información sobre el sistema |
|
| Software afectado | Cisco |
Descripción |
|
|
A vulnerability in the debug logging function of Cisco Networking Services (CNS) used for configuring Cisco IOS networking devices could allow an authenticated, local attacker to disclose sensitive data. The vulnerability is due to insufficient protections of sensitive data at rest. An attacker could exploit this vulnerability by accessing a specific file and reading the sensitive information.Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this More info: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Networking%20Services%20Sensitive%20Information%20Disclosure%20Vulnerab |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-6375. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-11-21 |