Cisco · Cisco Clean Access · CVE-2005-4332
**Name of the Vulnerable Software and Affected Versions**
Cisco Clean Access versions 3.5.5 and earlier
**Description**
The issue allows remote attackers to bypass authentication, cause a denial of service, or upload files by making direct requests to obsolete JSP files, including "admin/uploadclient.jsp", "apply firmware action.jsp", and "file.jsp".
**Recommendations**
For Cisco Clean Access versions 3.5.5 and earlier, restrict access to the obsolete JSP files, including `admin/uploadclient.jsp`, `apply firmware action.jsp`, and `file.jsp`, to minimize the risk of exploitation.