Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
TFTP file detection (Cisco IOS CA)
Information
Severity
Severity
Medium
Family
Family
Remote file access
CVSSv2 Base
CVSSv2 Base
5.0
CVSSv2 Vector
CVSSv2 Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Solution Type
Solution Type
Workaround
Created
Created
18 years ago
Modified
Modified
5 years ago
Summary
The remote host has a TFTP server installed that is serving one or more sensitive Cisco IOS Certificate Authority (CA) files.
Insight
Insight
These files potentially include the private key for the CA so should be considered extremely sensitive and should not be exposed to unnecessary scrutiny.
Solution
Solution
If it is not required, disable the TFTP server. Otherwise restrict access to trusted sources only.