Lucene search

MitreCVE-2005-1057

HistoryMay 02, 2005 - 4:00 a.m.

CVE-2005-1057

2005-05-0204:00:00

mitre

web.nvd.nist.gov

cisco

ios

easy vpn

xauth

authentication bypass

remote attack

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

76.8%

JSON

Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a “malformed packet.”

Affected configurations

Nvd

Node

ciscoiosMatch12.2t

ciscoiosMatch12.3

ciscoiosMatch12.3t

VendorProductVersionCPE
ciscoios12.2tcpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*
ciscoios12.3cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
ciscoios12.3tcpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	ios	12.2t	cpe:2.3:o:cisco:ios:12.2t:::::::*
cisco	ios	12.3	cpe:2.3:o:cisco:ios:12.3:::::::*
cisco	ios	12.3t	cpe:2.3:o:cisco:ios:12.3t:::::::*

References

www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5852

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.005

Percentile

76.8%

JSON

Related for CVE-2005-1057