Lucene search

K
cve[email protected]CVE-2005-4332
HistoryDec 17, 2005 - 11:03 a.m.

CVE-2005-4332

2005-12-1711:03:00
NVD-CWE-Other
web.nvd.nist.gov
16
cisco
clean access
authentication bypass
denial of service
file upload
jsp
security vulnerability
cve-2005-4332
nvd

7.3 High

AI Score

Confidence

Low

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

0.02 Low

EPSS

Percentile

88.6%

Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp.

7.3 High

AI Score

Confidence

Low

9.4 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:C/A:C

0.02 Low

EPSS

Percentile

88.6%

Related for CVE-2005-4332