Lucene search

[email protected]CVE-2006-4982

HistorySep 26, 2006 - 2:07 a.m.

CVE-2006-4982

2006-09-2602:07:00

[email protected]

web.nvd.nist.gov

cisco

nac

exception list

bypass

vulnerability

mac address spoofing

network security

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.1%

JSON

Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer.

Affected configurations

NVD

Node

cisconetwork_access_control

CPENameOperatorVersion
cisco:network_access_controlcisco network access controleq*

CPE	Name	Operator	Version
cisco:network_access_control	cisco network access control	eq	*

References

www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf

www.osvdb.org/30978

www.securityfocus.com/archive/1/446421/100/0/threaded

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

6.8 Medium

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

21.1%

JSON

Related for CVE-2006-4982

cvelist1 nvd1