First published: Wed Sep 12 2001(Updated: )
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Icdn | =2.0 | |
Dell BSAFE SSL-J | =3.0 | |
Dell BSAFE SSL-J | =3.0.1 | |
Dell BSAFE SSL-J | =3.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.