Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote malicious users to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco ios 12.2s |
||
cisco ios 12.2e |
||
cisco ios 12.2f |