{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"CISCO IOS 11.X","product":{"name":"IOS","vendor":{"name":"Cisco","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUn utilisateur mal intentionn\u00e9 peut d\u00e9terminer la liste des utilisateurs\nd\u00e9finis localement en analysant les messages id'erreur renvoy\u00e9s lors\nd'une authentification sur le routeur via Telnet.\n\n## Solution provisoire\n\nD\u00e9sactiver Telnet et utiliser SSH ou bien l'authentification de type\n`AAA new-model`.\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 CISCO \"Enumerating Locally Defined Users  in CISCO IOS\" :","url":"http://www.cisco.com/warp/public/707/cisco-sn-20030724-ios-enum.shtml"}],"reference":"CERTA-2003-AVI-128","revisions":[{"description":"version initiale.","revision_date":"2003-07-31T00:00:00.000000"}],"risks":[{"description":"Divulgation d'informations"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans l'IOS de Cisco permettant \u00e0 un\nindividu mal intentionn\u00e9 de lister les utilisateurs d\u00e9finis localement.\n","title":"Vuln\u00e9rabilit\u00e9 dans CISCO IOS","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 CISCO \"Enumerating Locally Defined Users in CISCO IOS\"","url":null}]}