Authentication Weakness in Cisco Clean Access by Cisco Systems
CVE-2007-0057

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Admission Control Manager And Server System Software
Vendor: CVE Published:; 4 January 2007

Summary

Cisco Clean Access versions 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 are vulnerable due to a failure in properly configuring or allowing modification of shared secret authentication keys. This oversight results in all devices utilizing the same shared secret, thereby enabling remote attackers to gain unauthorized access to the network. It is crucial for users of affected versions to apply necessary patches and security measures to mitigate this vulnerability.

References

http://secunia.com/advisories/23617

third-party-advisoryx_refsource_SECUNIA

http://www.vupen.com/english/advisories/2007/0030

vdb-entryx_refsource_VUPEN

http://osvdb.org/32578

vdb-entryx_refsource_OSVDB

Timeline

Vulnerability published
Jan 4, 2007
Vulnerability Reserved
Jan 4, 2007