First published: Fri Dec 31 2004(Updated: )
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Secure Access Control Server | =3.2 | |
Cisco Secure Acs Solution Engine | ||
Cisco Secure Access Control Server | =3.3\(1\) | |
Cisco Secure Access Control Server | =3.0 | |
Cisco Secure Access Control Server | =3.1 | |
Cisco Secure Access Control Server | =3.2 | |
Cisco Secure Access Control Server | =3.3 | |
Cisco Secure Access Control Server | =3.2\(3\) | |
Cisco Secure Access Control Server | =3.2\(1\) | |
Cisco Secure Access Control Server | =3.2\(2\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.