First published: Tue Apr 12 2005(Updated: )
Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco IOS | =12.3t | |
Cisco IOS | =12.3 | |
Cisco IOS | =12.2t |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.