CVE-2015-0607 — Improper Authentication in Cisco IOS

CWE-287 — Improper Authentication4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 50.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco IOS

Timeline

PublishedMar 6

Latest updateMay 17

Description

The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connection attempt with a blank password, aka Bug IDs CSCuo09400 and CSCun16016.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/ios11 versions+10

🔴Vulnerability Details

GHSA

GHSA-hmcj-2mfv-vx8m: The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote a↗2022-05-17

▶

CVEList

CVE-2015-0607: The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote a↗2015-03-06

▶

📋Vendor Advisories

Cisco

Cisco IOS Software Authentication Proxy Bypass Vulnerability↗2015-03-03

▶