Lucene search

[email protected]NVD:CVE-2006-4983

HistorySep 26, 2006 - 2:07 a.m.

CVE-2006-4983

2006-09-2602:07:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

73.9%

JSON

Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

Affected configurations

Nvd

Node

cisconetwork_access_control

VendorProductVersionCPE
cisconetwork_access_control*cpe:2.3:o:cisco:network_access_control:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	network_access_control	*	cpe:2.3:o:cisco:network_access_control::::::::

References

www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf

www.osvdb.org/30977

www.securityfocus.com/archive/1/446421/100/0/threaded

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

73.9%

JSON

Related for NVD:CVE-2006-4983

cvelist1 cve1