A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. The vulnerability is due to a logic change error introduced into the code. An attacker could exploit this vulnerability by trying to access an 802.1x multi-auth port after a successful supplicant has authenticated. An exploit could allow the attacker to bypass the 802.1x access controls and obtain access to the network. Cisco Bug IDs: CSCvg69701.
File data ot_500318.nasl
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | ios | 15.4(3)m6 | cpe:2.3:o:cisco:ios:15.4\(3\)m6:*:*:*:*:*:*:* |
cisco | ios | 15.4(3)m6a | cpe:2.3:o:cisco:ios:15.4\(3\)m6a:*:*:*:*:*:*:* |
cisco | ios | 15.4(3)m7 | cpe:2.3:o:cisco:ios:15.4\(3\)m7:*:*:*:*:*:*:* |
cisco | ios | 15.4(3)m7a | cpe:2.3:o:cisco:ios:15.4\(3\)m7a:*:*:*:*:*:*:* |
cisco | ios | 15.4(3)m8 | cpe:2.3:o:cisco:ios:15.4\(3\)m8:*:*:*:*:*:*:* |
cisco | ios | 15.4(3.0i)m6 | cpe:2.3:o:cisco:ios:15.4\(3.0i\)m6:*:*:*:*:*:*:* |
cisco | ios | 15.5(3)m3 | cpe:2.3:o:cisco:ios:15.5\(3\)m3:*:*:*:*:*:*:* |
cisco | ios | 15.5(3)m4 | cpe:2.3:o:cisco:ios:15.5\(3\)m4:*:*:*:*:*:*:* |
cisco | ios | 15.5(3)m4a | cpe:2.3:o:cisco:ios:15.5\(3\)m4a:*:*:*:*:*:*:* |
cisco | ios | 15.5(3)m4b | cpe:2.3:o:cisco:ios:15.5\(3\)m4b:*:*:*:*:*:*:* |