CVE Vulnerability

CVE-2007-0058

Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (CAM) allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file.

7.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 6.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml Vendor Advisory
http://securitytracker.com/id?1017465 Third Party Advisory VDB Entry
http://secunia.com/advisories/23556 Third Party Advisory
http://www.osvdb.org/32579 Broken Link
http://www.vupen.com/english/advisories/2007/0030 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:*:*:*:*:*:*:*:*
Information

Published : 2007-01-04 10:28

Updated : 2018-10-30 04:25

NVD link : CVE-2007-0058

Mitre link : CVE-2007-0058

Products Affected
No products.
CWE
CWE-200