CVE-2005-4499

3 documents3 sources

Severity

7.5HIGH

EPSS

1.9%

top 16.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software Cisco PIX Firewall Cisco PIX Firewall Software +4 more

Timeline

PublishedDec 22

Latest updateMay 1

Description

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages7 packages

▶NVDcisco/secure_access_control_server28 versions+27

▶NVDcisco/vpn_3000_concentrator_series_software41 versions+40

▶NVDcisco/vpn_3005_concentrator_software4.0.1

▶NVDcisco/pix_firewall6.2.2_.111, 6.2.3_\(110\), 6.3.3_\(133\)+2

▶NVDcisco/vpn_3030_concentator4.7.1, 4.7.1.f+1

🔴Vulnerability Details

GHSA

GHSA-8cq5-h2jx-4m9x: The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS),↗2022-05-01

▶

CVEList

CVE-2005-4499: The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS),↗2005-12-22

▶