PT-2005-3521 · Cisco · Cisco Clean Access

Publicado

2005-08-20

Atualizado

2018-10-30

CVE-2005-2631

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cisco Clean Access (CCA) versions 3.3.0 through 3.3.9 Cisco Clean Access (CCA) versions 3.4.0 through 3.4.5 Cisco Clean Access (CCA) versions 3.5.0 through 3.5.3

Description The issue concerns improper user authentication when invoking API methods. This could allow remote attackers to bypass security checks, change a user's assigned role, or disconnect users.

Recommendations For versions 3.3.0 through 3.3.9, update to a version that properly authenticates users when invoking API methods. For versions 3.4.0 through 3.4.5, update to a version that properly authenticates users when invoking API methods. For versions 3.5.0 through 3.5.3, update to a version that properly authenticates users when invoking API methods.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2005-2631

Produtos afetados

Cisco Clean Access

PT-2005-3521 · Cisco · Cisco Clean Access

CVE-2005-2631

Identificadores relacionados

Produtos afetados

Referências · 5