CVE-2006-4983

2006-09-2601:43:00

mitre

www.cve.org

6.7 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.9%

JSON

Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

References

www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf

www.osvdb.org/30977

www.securityfocus.com/archive/1/446421/100/0/threaded