Cisco Networking Services Sensitive Information Disclosure Vulnerability
|
Información sobre el sistema
|
|
|
Software afectado |
Cisco |
Descripción
|
A vulnerability in the debug logging function of Cisco Networking Services (CNS) used for configuring Cisco IOS networking devices could allow an authenticated, local attacker to disclose sensitive data. The vulnerability is due to insufficient protections of sensitive data at rest. An attacker could exploit this vulnerability by accessing a specific file and reading the sensitive information.Cisco has not released software updates that address this vulnerability. Workarounds that mitigate this
More info:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151120-ns?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Networking%20Services%20Sensitive%20Information%20Disclosure%20Vulnerab |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2015-6375. |