Published: 31/12/2003 Updated: 11/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote malicious users to gain privileges via brute force password guessing attacks.

Affected Products

Vendor Product Versions


source: wwwsecurityfocuscom/bid/8755/info It has been reported that Cisco LEAP (Lightweight Extensible Authentication Protocol) is prone to a password disclosure weakness that may allow a remote user to steal user passwords The issue may be exploited out by brute forcing user passwords using dictionary attacks Successful exploitation o ...