cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
922
Views
0
Helpful
1
Replies

VoIP Vulnerability Scanning with Nessus

Stephen S
Level 1
Level 1

Is there any documentation anywhere on how VoIPs are scanned for vulnerabilities? Is this even possible with third-party solutions, like Nessus, or do we only have things like Cisco Common Services Platform Collector (CSPC) to collect relevant information? I know Nessus allows you to do compliance scans on other Cisco devices using audit files. However, there's literally nothing out there about scanning VoIPs.

1 Reply 1

BSOXMAN59
Level 1
Level 1

I am unable to get credentialed Nessus Security Scans with CP-8832NR VOIP Phones that support SSH and EAP as well. The ACAS Nessus User Group response was vague, not one SME said they could get a credentialed scan. I believe this is a Linux or proprietary kernel embedded on the firmware that Tenable Nessus Professional does not support for credentialed scans. If this is the case, if a credentialed Nessus scan was possible the CUCM would not produce valid results. I wish the CISCO Applications Engineers would chime in and support the users on this critical security vulnerability issue.

Review Cisco Networking for a $25 gift card