Описание
Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access.
Ссылки
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
- Broken Link
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 3.6.0.0 (включая) до 3.6.4.2 (включая)Версия от 4.0.0.0 (включая) до 4.0.3.2 (исключая)
Одно из
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:*:*:*:*:*:*:*:*
EPSS
Процентиль: 87%
0.03241
Низкий
10 Critical
CVSS2
Дефекты
CWE-255
Связанные уязвимости
github
почти 4 года назад
Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access.
EPSS
Процентиль: 87%
0.03241
Низкий
10 Critical
CVSS2
Дефекты
CWE-255