Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
575
Views
0
Helpful
1
Replies

VoIP Vulnerability Scanning with Nessus

Stephen S
Level 1
Level 1

‎05-03-2023 05:57 AM

Is there any documentation anywhere on how VoIPs are scanned for vulnerabilities? Is this even possible with third-party solutions, like Nessus, or do we only have things like Cisco Common Services Platform Collector (CSPC) to collect relevant information? I know Nessus allows you to do compliance scans on other Cisco devices using audit files. However, there's literally nothing out there about scanning VoIPs.

Labels:
0 Helpful
1 Reply 1

BSOXMAN59
Level 1
Level 1

‎06-27-2024 07:30 AM

I am unable to get credentialed Nessus Security Scans with CP-8832NR VOIP Phones that support SSH and EAP as well. The ACAS Nessus User Group response was vague, not one SME said they could get a credentialed scan. I believe this is a Linux or proprietary kernel embedded on the firmware that Tenable Nessus Professional does not support for credentialed scans. If this is the case, if a credentialed Nessus scan was possible the CUCM would not produce valid results. I wish the CISCO Applications Engineers would chime in and support the users on this critical security vulnerability issue.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card