Search criteria
9 vulnerabilities found for network_admission_control by cisco
FKIE_CVE-2013-1124
Vulnerability from fkie_nvd - Published: 2013-02-28 23:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_admission_control | - | |
| apple | mac_os_x | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:-:*:*:*:*:*:*:*",
"matchCriteriaId": "AF823D2D-893F-4BA5-A791-28276DB5DF32",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FF5999A-9D12-4CDD-8DE9-A89C10B2D574",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309."
},
{
"lang": "es",
"value": "El agente Cisco Network Adminssion Control (NAC) en Mac OS X no comprueba el certificado X.509 de un motor de servicios de identidad (ISE) de servidor durante una sesi\u00f3n de SSL, que permite man-in-the-middle atacantes burlar servidores ISE a trav\u00e9s de certificados arbitrarios, tambi\u00e9n registrado como Bug ID CSCub24309."
}
],
"id": "CVE-2013-1124",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-02-28T23:55:01.160",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2008-1155
Vulnerability from fkie_nvd - Published: 2008-04-16 17:05 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | network_admission_control | * | |
| cisco | network_admission_control | * | |
| cisco | network_admission_control | * | |
| cisco | network_admission_control | 3.5 | |
| cisco | network_admission_control | 3.6 | |
| cisco | network_admission_control | 3.6.0 | |
| cisco | network_admission_control | 3.6.0.1 | |
| cisco | network_admission_control | 3.6.1.1 | |
| cisco | network_admission_control | 3.6.2.1 | |
| cisco | network_admission_control | 3.6.2.2 | |
| cisco | network_admission_control | 3.6.4.1 | |
| cisco | network_admission_control | 3.6.4.2 | |
| cisco | network_admission_control | 4.0 | |
| cisco | network_admission_control | 4.0.0.1 | |
| cisco | network_admission_control | 4.0.2.1 | |
| cisco | network_admission_control | 4.0.2.2 | |
| cisco | network_admission_control | 4.0.3.1 | |
| cisco | network_admission_control | 4.0.3.2 | |
| cisco | network_admission_control | 4.0.3.3 | |
| cisco | network_admission_control | 4.0.5.0 | |
| cisco | network_admission_control | 4.1 | |
| cisco | network_admission_control | 4.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7BFAE963-6E84-4712-A628-6240D97C200A",
"versionEndIncluding": "3.6.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "432F7177-A43A-463A-B663-9181B0506545",
"versionEndIncluding": "4.0.5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9174F08C-55B7-4985-9964-732088051BA5",
"versionEndIncluding": "4.1.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0051F9BB-0315-4541-95A5-CAAC6A3FC9A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57F000C2-5343-41CE-81EF-D26D7E884798",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1849F3F6-834E-4C3A-B1B2-4B0C360FE03C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1898068E-41B8-4C25-B240-2779206FB0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ED68FC7E-A6A6-49AB-AEDB-CE70C1139BC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE93C0F-D240-47D7-B638-6E7AB65C8ABC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "300CE692-9161-4866-96CD-C865000FA481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE6DF16-6846-4246-AF33-58FD02038D93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:3.6.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA5D3A7-6B5B-4699-8FBE-6DC36F8C350F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BD36F046-CCBF-467D-9522-81307A47D7F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EC29AD92-F6B6-4CF3-9471-EAE70284C9B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22FD214D-4176-4388-A837-21DAFE62D502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BBAD29D5-0C9F-44DC-9574-793DE4C90316",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8A77575E-9676-48DA-A28D-85D3D8C1EAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "86E65BA0-55E6-4D6E-BAED-26769B1671D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "42A5102C-86F2-4194-BAEA-7EAD5CAC5ABD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F31B7941-03B8-430E-AA23-B105138FC5F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E76E6DCE-93DE-4522-BD35-82440B4EE635",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83407842-77E2-417D-9355-6CFDADB62EEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs."
},
{
"lang": "es",
"value": "Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x anterior a v3.6.4.4, 4.0.x anterior a v4.0.6, y 4.1.x anterior4.1.2, permite a atacantes remotos obtener el secreto compartido para Clean Access Server (CAS) y Clean Access Manager (CAM) a trav\u00e9s de la escucha de red de los logs de errores."
}
],
"id": "CVE-2008-1155",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-16T17:05:00.000",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29822"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/28807"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securitytracker.com/id?1019859"
},
{
"source": "psirt@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"source": "psirt@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/29822"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28807"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019859"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2006-4430
Vulnerability from fkie_nvd - Published: 2006-08-29 00:04 - Updated: 2025-04-03 01:03
Severity ?
Summary
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:network_admission_control:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8ABB4C62-1CF7-4280-B084-2C7EB3C7198C",
"versionEndIncluding": "3.6.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D17AF7C3-3453-4343-AC57-B3BAACAD36E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1D20F5D1-C28A-4D0E-B4BA-3F8A9B05933E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4FA3ABF2-F8D7-4D46-8862-072AD105AE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "28B34BF7-B96E-4C6A-B6BD-803680629300",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "280C9607-98C6-44CE-9017-43592EC9D013",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F972C202-DEEB-49AD-BBE7-442CA0E975E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "028ABC18-8944-474C-8482-2DC4F0E0B51B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DD764CC4-F985-4A2F-B744-0B07BE59534F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9B450984-DF81-46FE-A3E2-16323D1E55A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "6133BA76-655F-4023-A5C5-31919D3C45E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5D9FFC-728E-4E2A-9787-0748D0C88433",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8559F336-5A94-43ED-BF2E-0126038DA3C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B7FE412A-DB93-41FC-85B3-38E46913BEB3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "63702A32-F7D3-46FF-B7B2-A845081D3AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF86C8A2-154B-49B3-B263-41826DC196BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2CC77562-5C30-4DA3-AFCD-7CD63D85E298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B9CD71A6-724B-42C1-BBBD-456F74393909",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5\\(9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E7EDB2AB-B6EA-4327-A969-88BB822B3896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E6828C91-18F9-4E36-B496-56E559180480",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2251B20D-F0AA-4FCA-8B62-B3EED16726E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7D400E92-D0E4-43C2-8ECF-84352B5B2608",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A59115E7-A5AB-4468-BE51-AB6E8D188B07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EFE9D413-8078-4618-B4A6-4D774D30930F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D89BCC4B-14A8-459F-94D9-70DDB6C205F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.6.4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55E40D45-E092-4D75-BE3C-64B7AB7A1018",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms."
},
{
"lang": "es",
"value": "The Cisco Network Admission Control (NAC) 3.6.4.1 y anteriores permite a un atacante remoto prevenir la instalaci\u00f3n de Cisco Clean Access (CCA) Agent y evitar los mecanismos de protecci\u00f3n locales y remotos a trav\u00e9s de la modficaci\u00f3n de (1) la cabecera HTTP User-Agent o (2) el comportamiento de la pila TCP/IP. NOTA:el vendedor ha discutido la severidad de este asunto, indicando que los usuarios no pueden puentear los mecanismos de autentificaci\u00f3n."
}
],
"id": "CVE-2006-4430",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-29T00:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19726"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19726"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-1124 (GCVE-0-2013-1124)
Vulnerability from cvelistv5 – Published: 2013-02-28 23:00 – Updated: 2024-09-17 04:14
VLAI?
Summary
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-28T23:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1124",
"datePublished": "2013-02-28T23:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T04:14:47.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1155 (GCVE-0-2008-1155)
Vulnerability from cvelistv5 – Published: 2008-04-16 17:00 – Updated: 2024-08-07 08:08
VLAI?
Summary
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1248",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"name": "cisco-nac-unauthorized-access(41849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"name": "1019859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019859"
},
{
"name": "28807",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28807"
},
{
"name": "20080416 Cisco Network Admission Control Shared Secret Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"name": "29822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29822"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "ADV-2008-1248",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"name": "cisco-nac-unauthorized-access(41849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"name": "1019859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019859"
},
{
"name": "28807",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28807"
},
{
"name": "20080416 Cisco Network Admission Control Shared Secret Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"name": "29822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29822"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1248",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"name": "cisco-nac-unauthorized-access(41849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"name": "1019859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019859"
},
{
"name": "28807",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28807"
},
{
"name": "20080416 Cisco Network Admission Control Shared Secret Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"name": "29822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29822"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1155",
"datePublished": "2008-04-16T17:00:00",
"dateReserved": "2008-03-05T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4430 (GCVE-0-2006-4430)
Vulnerability from cvelistv5 – Published: 2006-08-29 00:00 – Updated: 2024-08-07 19:06
VLAI?
Summary
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050822 RE: Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"name": "19726",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19726"
},
{
"name": "20060829 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"name": "20060822 Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"name": "20050819 Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"name": "20060826 NAC Agent Installation Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"name": "20060826 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"name": "20060826 Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050822 RE: Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"name": "19726",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19726"
},
{
"name": "20060829 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"name": "20060822 Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"name": "20050819 Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"name": "20060826 NAC Agent Installation Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"name": "20060826 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"name": "20060826 Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050822 RE: Cisco Clean Access Agent (Perfigo) bypass",
"refsource": "BUGTRAQ",
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"name": "19726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19726"
},
{
"name": "20060829 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"name": "20060822 Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"name": "20050819 Cisco Clean Access Agent (Perfigo) bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"name": "20060826 NAC Agent Installation Bypass",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"name": "20060826 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"name": "20060826 Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4430",
"datePublished": "2006-08-29T00:00:00",
"dateReserved": "2006-08-28T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1124 (GCVE-0-2013-1124)
Vulnerability from nvd – Published: 2013-02-28 23:00 – Updated: 2024-09-17 04:14
VLAI?
Summary
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.698Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-28T23:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1124",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1124"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1124",
"datePublished": "2013-02-28T23:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T04:14:47.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-1155 (GCVE-0-2008-1155)
Vulnerability from nvd – Published: 2008-04-16 17:00 – Updated: 2024-08-07 08:08
VLAI?
Summary
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:08:57.678Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2008-1248",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"name": "cisco-nac-unauthorized-access(41849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"name": "1019859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019859"
},
{
"name": "28807",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28807"
},
{
"name": "20080416 Cisco Network Admission Control Shared Secret Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"name": "29822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29822"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "ADV-2008-1248",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"name": "cisco-nac-unauthorized-access(41849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"name": "1019859",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019859"
},
{
"name": "28807",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28807"
},
{
"name": "20080416 Cisco Network Admission Control Shared Secret Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"name": "29822",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29822"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1155",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2008-1248",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1248/references"
},
{
"name": "cisco-nac-unauthorized-access(41849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41849"
},
{
"name": "1019859",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019859"
},
{
"name": "28807",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28807"
},
{
"name": "20080416 Cisco Network Admission Control Shared Secret Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008097bea0.shtml"
},
{
"name": "29822",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29822"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1155",
"datePublished": "2008-04-16T17:00:00",
"dateReserved": "2008-03-05T00:00:00",
"dateUpdated": "2024-08-07T08:08:57.678Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-4430 (GCVE-0-2006-4430)
Vulnerability from nvd – Published: 2006-08-29 00:00 – Updated: 2024-08-07 19:06
VLAI?
Summary
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050822 RE: Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"name": "19726",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19726"
},
{
"name": "20060829 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"name": "20060822 Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"name": "20050819 Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"name": "20060826 NAC Agent Installation Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"name": "20060826 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"name": "20060826 Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-08-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050822 RE: Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"name": "19726",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19726"
},
{
"name": "20060829 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"name": "20060822 Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"name": "20050819 Cisco Clean Access Agent (Perfigo) bypass",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"name": "20060826 NAC Agent Installation Bypass",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"name": "20060826 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"name": "20060826 Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4430",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050822 RE: Cisco Clean Access Agent (Perfigo) bypass",
"refsource": "BUGTRAQ",
"url": "http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html"
},
{
"name": "19726",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19726"
},
{
"name": "20060829 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444737/100/0/threaded"
},
{
"name": "20060822 Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html"
},
{
"name": "20050819 Cisco Clean Access Agent (Perfigo) bypass",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/408603/30/0/threaded"
},
{
"name": "20060826 NAC Agent Installation Bypass",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html"
},
{
"name": "20060826 Re: Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444501/100/0/threaded"
},
{
"name": "20060826 Cisco NAC Appliance Agent Installation Bypass Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/444424/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4430",
"datePublished": "2006-08-29T00:00:00",
"dateReserved": "2006-08-28T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}