Описание
Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.
Ссылки
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:cisco:trust_agent:*:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.0086
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.
EPSS
Процентиль: 75%
0.0086
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other