id: set-and-secure-passwords info: name: Cisco Set and Secure Password - Detect author: pussycat0x severity: info description: | Cisco set and secure password functionality is recommended to control privilege level access. To set a local password to control access to various privilege levels, use the enable password command in global configuration mode. To remove the password requirement, use the no form of this command. reference: - https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/d1/sec-d1-cr-book/sec-cr-e1.html#wp3884449514 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N cvss-score: 0 cwe-id: CWE-200 tags: audit,file,cisco,config-audit,cisco-switch file: - extensions: - conf matchers-condition: and matchers: - type: word words: - "service password-encryption" negative: true - type: word words: - "configure terminal" # Enhanced by md on 2023/05/03 # digest: 4b0a00483046022100efdfaccc895a5ecc59a52d4539a4c09b63d234684db78a580016862fb5e317600221009a3a6c7fb3111578da8bff93c055c86b6f51a0ac995ae2f78870298c49422e89:922c64590222798bb761d5b6d8e72950