Lucene search

[email protected]CVE-2002-0241

HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0241

2003-04-0205:00:00

[email protected]

web.nvd.nist.gov

cisco

acs 3.0.1

ndsauth.dll

novell directory services

authentication issue

cve-2002-0241.

6.5 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.4%

JSON

NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server.

Affected configurations

NVD

Node

ciscosecure_access_control_serverMatch3.0.1windows_nt

CPENameOperatorVersion
cisco:secure_access_control_servercisco secure access control servereq3.0.1

CPE	Name	Operator	Version
cisco:secure_access_control_server	cisco secure access control server	eq	3.0.1

References

www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml

www.iss.net/security_center/static/8106.php

www.securityfocus.com/bid/4048

6.5 Medium

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.003 Low

EPSS

Percentile

71.4%

JSON

Related for CVE-2002-0241

cisco1 cvelist1 nvd1