CVE-2005-2631

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Admission Control Manager And Server System Software
Vendor: CVE Published:; 23 August 2005

Summary

Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users.

References

http://secunia.com/advisories/16472/

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/warp/public/707/cisco-sa-20050817-cc...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/14585

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Aug 23, 2005
Vulnerability Reserved
Aug 20, 2005