PT-2001-1656 · Cisco · Cisco Cbos

Published

2001-07-02

Updated

2017-10-10

CVE-2001-0444

CVSS v2.0

2.1

Low

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Cisco CBOS version 2.3.0.053

Description The issue allows sensitive information to be disclosed to unauthorized users. When the sh nat command, also known as show nat, is executed, its output is sent to the terminal of the next user who attempts to connect to the router via telnet. This could enable that user to obtain sensitive information.

Recommendations For Cisco CBOS version 2.3.0.053, consider restricting access to the sh nat command to minimize the risk of sensitive information disclosure until a fix is available. As a temporary workaround, restrict telnet connections to trusted users only.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0444

Affected Products

Cisco Cbos

PT-2001-1656 · Cisco · Cisco Cbos

CVE-2001-0444

Related Identifiers

Affected Products

References · 5