CVE-2005-2631

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2005-2631
Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users.

7.5 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://www.cisco.com/warp/public/707/cisco-sa-20050817-cca.shtml Patch Vendor Advisory
http://www.securityfocus.com/bid/14585 Patch
http://secunia.com/advisories/16472/ Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/21884
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.7:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.9:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.5:*:*:*:*:*:*:*
Information

Published : 2005-08-22 21:00

Updated : 2018-10-30 09:26

NVD link : CVE-2005-2631

Mitre link : CVE-2005-2631

JSON object : View

CWE
NVD-CWE-Other
Advertisement

dedicated server usa
Products Affected

cisco

  • network_admission_control_manager_and_server_system_software