Описание
Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031.
Ссылки
- Release NotesVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Release NotesVendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 15.0\(1\)xa1 (исключая)
cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*
EPSS
Процентиль: 39%
0.00172
Низкий
4 Medium
CVSS2
Дефекты
CWE-295
Связанные уязвимости
github
больше 3 лет назад
Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031.
EPSS
Процентиль: 39%
0.00172
Низкий
4 Medium
CVSS2
Дефекты
CWE-295