| VID |
29148 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
CISCO |
| Detailed Description |
The CISCO IOS system does not apply Session Timeout. If administrator is out without disconnecting sessions after login to a network device, anyone can attempt unlawful act through the terminal which is connected to the system. Disconnecting sessions after a fixed idle time is needed.
* Platforms Affected:
CISCO IOS |
| Recommendation |
Set Session Timeout to 5 minutes as follows :
1. Console
Router# config terminal
Router(config)# line con 0
Router(config-line)# exec-timeout 5 0
2. VTY
Router# config terminal
Router(config)# line vty 0 4
Router(config-line)# exec-timeout 5 0
3. AUX
Router# config terminal
Router(config)# line aux 0
Router(config-line)# exec-timeout 5 0 |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
