Blank Password Vulnerability in Cisco Secure Access Control Server
CVE-2004-1460
Currently unrated
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 31 December 2004
What is CVE-2004-1460?
The vulnerability in Cisco Secure Access Control Server arises when it is configured with an anonymous bind for Novell Directory Services (NDS). This configuration allows remote attackers to exploit the system by using a blank password to authenticate NDS users. Consequently, unauthorized access to AAA clients may be achieved, posing a significant security risk for organizations utilizing this configuration.