Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The Cisco router must not be configured to have any feature enabled that calls home to the vendor.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-216996 | CISC-RT-000080 | SV-216996r663924_rule | Medium |
| Description |
|---|
| Call home services will routinely send data such as configuration and diagnostic information to the vendor for routine or emergency analysis and troubleshooting. There is a risk that transmission of sensitive data sent to unauthorized persons could result in data loss or downtime due to an attack. |
| STIG | Date |
|---|---|
| Cisco IOS XE Router RTR Security Technical Implementation Guide | 2021-09-16 |
Details
| Check Text ( C-18226r663922_chk ) |
|---|
| Review the router configuration to determine if the call home service is enabled as shown in the example below: service call-home contact-email-addr username@example.com phone-number "+1-800-555-4567" customer-id "Customer1234" contract-id "Company1234" If the call home feature is configured to call home to the vendor, this is a finding. |
| Fix Text (F-18224r663923_fix) |
|---|
| Disable the call home feature as shown below: R5(config)#no service call-home |