CVE-2011-0935
First published: Thu Apr 14 2011(Updated: )
The PKI functionality in Cisco IOS 15.0 and 15.1 does not prevent permanent caching of certain public keys, which allows remote attackers to bypass authentication and have unspecified other impact by leveraging an IKE peer relationship in which a key was previously valid but later revoked, aka Bug ID CSCth82164, a different vulnerability than CVE-2010-4685.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =15.1 | |
| Cisco IOS | =15.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2011-0935?
CVE-2011-0935 is rated as a high-severity vulnerability due to its potential to allow remote attackers to bypass authentication.
How do I fix CVE-2011-0935?
To mitigate CVE-2011-0935, update your Cisco IOS to the latest version that addresses this vulnerability.
What systems are affected by CVE-2011-0935?
CVE-2011-0935 affects Cisco IOS versions 15.0 and 15.1.
What kind of attacks can exploit CVE-2011-0935?
Exploitation of CVE-2011-0935 can allow attackers to leverage previously valid keys that have been revoked to bypass authentication.
Is there a workaround for CVE-2011-0935?
There are no specific workarounds documented for CVE-2011-0935; upgrading to a patched version is recommended.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/description
- agent/tags
- agent/event
- agent/first-publish-date
- agent/source
- vendor/cisco
- canonical/cisco ios
- version/cisco ios/15.1
- version/cisco ios/15.0