[email protected]CVE-2005-4825

HistoryDec 31, 2005 - 5:00 a.m.

CVE-2005-4825

2005-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco

clean access

authentication bypass

denial of service

file access

cve-2005-4825

7.2 High

AI Score

Confidence

Low

5.7 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

41.0%

JSON

Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.

CPENameOperatorVersion
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5.2
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5.3
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5.4
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5.5
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5.1
cisco:network_admission_control_manager_and_server_system_softwarecisco network admission control manager and server system softwareeq3.5\(9\)

CPE	Name	Operator	Version
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5.2
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5.3
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5.4
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5.5
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5.1
cisco:network_admission_control_manager_and_server_system_software	cisco network admission control manager and server system software	eq	3.5\(9\)

References

www.cisco.com/warp/public/707/cisco-response-20051221-CCA.shtml

www.osvdb.org/21959

www.securityfocus.com/archive/1/419645/30/0/threaded

7.2 High

AI Score

Confidence

Low

5.7 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:N/I:N/A:C

0.001 Low

EPSS

Percentile

41.0%

JSON

Related for CVE-2005-4825

securityvulns1 cve1