| VID |
16101 |
| Severity |
30 |
| Port |
69 |
| Protocol |
UDP |
| Class |
TFTP |
| Detailed Description |
A TFTP server running on the relevant host is serving one or more sensitive Cisco IOS Certificate Authority (CA) files. Trivial File Transfer Protocol (TFTP) is a protocol that allows for easy transfer of files without requiring authentication between network-connected devices. These files potentially may include sensitive information, such as the private key for the Certificate Authority (CA), so should be considered extremely sensitive and should not be exposed to un-trusted sources.
* Platforms Affected:
Any TFTP server Any version
Any operating system Any version |
| Recommendation |
Consider disabling the affected TFTP server if it is not required. Otherwise restrict access to trusted hosts only. |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
45 (ISS) |
|
