CVE-2007-1800

Currently unrated

Key Information:

Vendor: Cisco
Status: Trust Agent
Vendor: CVE Published:; 2 April 2007

Summary

Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.

References

http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speake...

x_refsource_MISC

http://osvdb.org/34123

vdb-entryx_refsource_OSVDB

http://www.cisco.com/en/US/products/products_security_res...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Apr 2, 2007
Vulnerability Reserved
Apr 2, 2007