Lucene search

CiscoCISCO-SA-20111005-NAC

HistoryOct 05, 2011 - 4:00 p.m.

Directory Traversal Vulnerability in Cisco Network Admission Control Manager

2011-10-0516:00:00

tools.cisco.com

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

EPSS

0.015

Percentile

87.0%

JSON

Cisco Network Admission Control (NAC) Manager contains a directory
traversal vulnerability that may allow an unauthenticated attacker to obtain
system information.

There are no workarounds to mitigate this
vulnerability.

Cisco has released software updates that address this vulnerability.

This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-nac[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-nac”].

Affected configurations

Vulners

Node

cisconac_applianceMatchany

VendorProductVersionCPE
cisconac_applianceanycpe:2.3:h:cisco:nac_appliance:any:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	nac_appliance	any	cpe:2.3:h:cisco:nac_appliance:any:::::::*

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-nac

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

EPSS

0.015

Percentile

87.0%

JSON

Related for CISCO-SA-20111005-NAC