Now who was looking for that major IOS vulnerability ????

icecream-guy · April 14, 2016, 07:45:19 AM

forget who it was, but it finally came true

Cisco Catalyst Switches Network Mobility Services Protocol Port Information Disclosure Vulnerability
Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 may allow an unauthenticated, remote attacker to retrieve version information about the software release running on the device by accessing the Network Mobility Services Protocol (NMSP) port.

Vulnerable Products
Cisco Catalyst Switches running Cisco IOS Software releases prior to 15.2(2)E1 are affected.

Workaround: None.

Alert Notice
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160413-nms

CSCum62591 Bug ID is weird regarding subject of I'nconsistency in NMSP default behavior on NG3k'
reference to Cisco Catalyst Switches running software versions prior to 3.6(1)E
and product details for Cisco 5700 Series Wireless LAN Controllers

deanwebb · April 14, 2016, 08:20:47 AM

Looks like ya gotta upgrade to 15.2(2)E1 or later on that gear, then.

icecream-guy · April 14, 2016, 11:08:13 AM

Seems it all has to do with NMSP, which isn't even enabled by default, has to do with VOIP location services, don't know why Cisco but out suck a blanket statement. I fired up my AS guy, let him figure it out...

icecream-guy · April 15, 2016, 01:38:33 PM

so it seems to be an issue on 3K switches running 15.2.2E1 where NMSP is enabled. my AS guy said that the advisory was a bit over the top.

deanwebb · April 15, 2016, 02:04:00 PM

Maybe Cisco wants us all to know that security is SRS BSNS for them.

Now who was looking for that major IOS vulnerability ????

icecream-guy

deanwebb

icecream-guy

icecream-guy

deanwebb