Unrated severityNVD Advisory· Published Sep 26, 2006· Updated Jun 16, 2026

CVE-2006-4982

Description

Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address of a disconnected printer.

Affected products

Cisco Systems, Inc./Network Admission Control
cpe:2.3:o:cisco:network_access_control:*:*:*:*:*:*:*:*
Cisco Systems, Inc./NACllm-fuzzy

Patches

Vulnerability mechanics

References

www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdfnvd
www.osvdb.org/30978nvd
www.securityfocus.com/archive/1/446421/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000