Code: p1397 Severity: Warning
Description: This event is generated when an attempt is made to list the user configuration file on a Cisco router or switch. Impact: If successful, the switch will reveal the local authentication user configuration file to an attacker without requiring prior authentication. Corrective: Turn off the web server functionality, use access lists to ensure only trusted hosts have access to the device, use TACACS+ or RADIUS for access control, or upgrade your version of IOS.
|
