Authentication Bypass Vulnerability in Cisco Secure Access Control Products
CVE-2004-1099

Currently unrated

Key Information:

Vendor

Cisco
Status
Secure Acs Solution Engine
Secure Access Control Server
Vendor
CVE Published:
10 January 2005

What is CVE-2004-1099?

The Cisco Secure Access Control Server for Windows and Solution Engine 3.3.1 includes a vulnerability related to the handling of expired or untrusted certificates when EAP-TLS protocol is enabled. This flaw allows remote attackers to exploit the system by presenting a 'cryptographically correct' certificate containing valid fields like the username, thereby bypassing authentication processes. As a result, unauthorized access to the system can be gained, posing potential risks to network security and data integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.cisco.com/warp/public/707/cisco-sa-20041102-ac...
vendor-advisoryx_refsource_CISCO
https://exchange.xforce.ibmcloud.com/vulnerabilities/17936
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/11577
vdb-entryx_refsource_BID

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.