Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2005-4499

Published: 22/12/2005 Updated: 11/08/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote malicious users to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco vpn 3001 concentrator

cisco vpn 3015 concentrator

cisco vpn 3020 concentrator

cisco vpn 3030 concentator

cisco vpn 3060 concentrator

cisco vpn 3080 concentrator

cisco adaptive security appliance software 7.0

cisco adaptive security appliance software 7.0(4)

cisco adaptive security appliance software 7.0.1.4

cisco adaptive security appliance software 7.0.4.3

cisco vpn 3000 concentrator series software 2.0

cisco vpn 3000 concentrator series software 2.5.2.a

cisco vpn 3000 concentrator series software 2.5.2.b

cisco vpn 3000 concentrator series software 2.5.2.c

cisco vpn 3000 concentrator series software 2.5.2.d

cisco vpn 3000 concentrator series software 2.5.2.f

cisco vpn 3000 concentrator series software 3.0

cisco vpn 3000 concentrator series software 3.0.3.a

cisco vpn 3000 concentrator series software 3.0.3.b

cisco vpn 3000 concentrator series software 3.0.4

cisco vpn 3000 concentrator series software 3.1

cisco vpn 3000 concentrator series software 3.1(rel)

cisco vpn 3000 concentrator series software 3.1.1

cisco vpn 3000 concentrator series software 3.1.2

cisco vpn 3000 concentrator series software 3.1.4

cisco vpn 3000 concentrator series software 3.5(rel)

cisco vpn 3000 concentrator series software 3.5.1

cisco vpn 3000 concentrator series software 3.5.2

cisco vpn 3000 concentrator series software 3.5.3

cisco vpn 3000 concentrator series software 3.5.4

cisco vpn 3000 concentrator series software 3.5.5

cisco vpn 3000 concentrator series software 3.6

cisco vpn 3000 concentrator series software 3.6.1

cisco vpn 3000 concentrator series software 3.6.3

cisco vpn 3000 concentrator series software 3.6.5

cisco vpn 3000 concentrator series software 3.6.7

cisco vpn 3000 concentrator series software 3.6.7.a

cisco vpn 3000 concentrator series software 3.6.7.b

cisco vpn 3000 concentrator series software 3.6.7.c

cisco vpn 3000 concentrator series software 3.6.7.d

cisco vpn 3000 concentrator series software 3.6.7.f

cisco vpn 3000 concentrator series software 3.6.7d

cisco vpn 3000 concentrator series software 4.0

cisco vpn 3000 concentrator series software 4.0.1

cisco vpn 3000 concentrator series software 4.0.2

cisco vpn 3000 concentrator series software 4.0.5.b

cisco vpn 3000 concentrator series software 4.1.5.b

cisco vpn 3000 concentrator series software 4.1.7.a

cisco vpn 3000 concentrator series software 4.1.7.b

cisco vpn 3000 concentrator series software 4.7.1

cisco vpn 3000 concentrator series software 4.7.1.f

cisco vpn 3005 concentrator software 4.0.1

cisco vpn 3030 concentator 4.7.1

cisco vpn 3030 concentator 4.7.1.f

cisco pix asa ids

cisco pix firewall 6.2.2 .111

cisco pix firewall 6.2.3 (110)

cisco pix firewall 6.3.3 (133)

cisco secure access control server

cisco secure access control server 2.0

cisco secure access control server 2.1

cisco secure access control server 2.3

cisco secure access control server 2.3.5.1

cisco secure access control server 2.3.6.1

cisco secure access control server 2.4

cisco secure access control server 2.5

cisco secure access control server 2.6

cisco secure access control server 2.6.2

cisco secure access control server 2.6.3

cisco secure access control server 2.6.4

cisco secure access control server 2.42

cisco secure access control server 3.0

cisco secure access control server 3.0.1

cisco secure access control server 3.0.3

cisco secure access control server 3.1

cisco secure access control server 3.1.1

cisco secure access control server 3.2

cisco secure access control server 3.2(1)

cisco secure access control server 3.2(1.20)

cisco secure access control server 3.2(2)

cisco secure access control server 3.2(3)

cisco secure access control server 3.2.1

cisco secure access control server 3.2.2

cisco secure access control server 3.3

cisco secure access control server 3.3(1)

cisco secure access control server 3.3.1

cisco secure access control server 3.3.2

cisco vpn 3002 hardware client

cisco pix firewall 501

cisco pix firewall 506

cisco pix firewall 515

cisco pix firewall 515e

cisco pix firewall 520

cisco pix firewall 525

cisco pix firewall 535

cisco pix firewall

cisco pix firewall 6.1.5(104)

cisco pix firewall software 2.7

cisco pix firewall software 3.0

cisco pix firewall software 3.1

cisco pix firewall software 4.0

cisco pix firewall software 4.1(6)

cisco pix firewall software 4.1(6b)

cisco pix firewall software 4.2

cisco pix firewall software 4.2(1)

cisco pix firewall software 4.2(2)

cisco pix firewall software 4.2(5)

cisco pix firewall software 4.3

cisco pix firewall software 4.4

cisco pix firewall software 4.4(4)

cisco pix firewall software 4.4(7.202)

cisco pix firewall software 4.4(8)

cisco pix firewall software 5.0

cisco pix firewall software 5.1

cisco pix firewall software 5.1(4)

cisco pix firewall software 5.1(4.206)

cisco pix firewall software 5.2

cisco pix firewall software 5.2(1)

cisco pix firewall software 5.2(2)

cisco pix firewall software 5.2(3.210)

cisco pix firewall software 5.2(5)

cisco pix firewall software 5.2(6)

cisco pix firewall software 5.2(7)

cisco pix firewall software 5.2(9)

cisco pix firewall software 5.3

cisco pix firewall software 5.3(1)

cisco pix firewall software 5.3(1.200)

cisco pix firewall software 5.3(2)

cisco pix firewall software 5.3(3)

cisco pix firewall software 6.0

cisco pix firewall software 6.0(1)

cisco pix firewall software 6.0(2)

cisco pix firewall software 6.0(3)

cisco pix firewall software 6.0(4)

cisco pix firewall software 6.0(4.101)

cisco pix firewall software 6.1

cisco pix firewall software 6.1(1)

cisco pix firewall software 6.1(2)

cisco pix firewall software 6.1(3)

cisco pix firewall software 6.1(4)

cisco pix firewall software 6.1(5)

cisco pix firewall software 6.2

cisco pix firewall software 6.2(1)

cisco pix firewall software 6.2(2)

cisco pix firewall software 6.2(3)

cisco pix firewall software 6.2(3.100)

cisco pix firewall software 6.3

cisco pix firewall software 6.3(1)

cisco pix firewall software 6.3(2)

cisco pix firewall software 6.3(3)

cisco pix firewall software 6.3(3.102)

cisco pix firewall software 6.3(3.109)

cisco pix firewall software 6.3(5)

References

NVD-CWE-Otherhttp://www.securityfocus.com/bid/16025http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtmlhttp://secunia.com/advisories/18141http://www.osvdb.org/22193http://www.securityfocus.com/archive/1/420103/100/0/threadedhttp://www.securityfocus.com/archive/1/420020/100/0/threadedhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRFserver-side request forgeryCVE-2024-30067CVE-2024-5553CVE-2024-30095IDORCVE-2024-35252CVE-2024-23692CVE-2024-27801
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook