PT-2012-1683 · Cisco · Cisco Ios
Published
2012-05-02
·
Updated
2012-10-30
·
CVE-2011-3289
CVSS v2.0
3.6
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco IOS versions 12.4 and 15.0 through 15.2
Description
The issue allows physically proximate attackers to bypass the No Service Password-Recovery feature and read the start-up configuration.
Recommendations
For Cisco IOS versions 12.4 and 15.0 through 15.2, consider applying configuration changes to restrict physical access to the device until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Ios