Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote malicious users to bypass XAUTH and move to Phase 2 negotiations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios 12.2t |
||
cisco ios 12.3 |
||
cisco ios 12.3t |