CVE-2004-1460

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control Server; Secure Acs Solution Engine
Vendor: CVE Published:; 31 December 2004

Summary

Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.

References

http://www.securityfocus.com/bid/11047

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/17117

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/cisco-sa-20040825-ac...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability Reserved
Feb 13, 2005
Vulnerability published
Dec 31, 2004