daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Enhancement: file/audit/cisco/disable-ip-source-route.yaml by md

patch-1
MostInterestingBotInTheWorld 2023-05-03 17:35:50 -04:00
parent f73e099081
commit 32ec5f3f6b
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
file/audit/cisco/disable-ip-source-route.yaml
View File

@ -1,13 +1,18 @@
id: disable-ip-source-route
info:
name: Disable IP source-route
name: Cisco IP Source-Route - Detect
author: pussycat0x
severity: info
description: |
Organizations should plan and implement network policies to ensure unnecessary services are explicitly disabled. The 'ip source-route' feature has been used in several attacks and should be disabled.
Cisco IP source-route functionality has been utilized in several attacks. An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
remediation: Disable IP source-route where appropriate.
reference:
- https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipaddr/command/ipaddr-cr-book/ipaddr-i4.html#GUID-C7F971DD-358F-4B43-9F3E-244F5D4A3A93
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
cvss-score: 0.0
cwe-id: CWE-200
tags: cisco,config-audit,cisco-switch,file,router
file:
@ -24,3 +29,5 @@ file:
- type: word
words:
- "configure terminal"
# Enhanced by md on 2023/05/03