Network Admission Control
CVEs (5)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-1124 | 0.00 | — | 0.01 | Feb 28, 2013 | The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309. | |||
| CVE-2008-1155 | 0.00 | — | 0.03 | Apr 16, 2008 | Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs. | |||
| CVE-2006-4983 | 0.00 | — | 0.01 | Sep 26, 2006 | Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols. | |||
| CVE-2006-4982 | 0.00 | — | 0.00 | Sep 26, 2006 | Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using… | |||
| CVE-2006-4430 | 0.00 | — | 0.02 | Aug 29, 2006 | The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP… |
- CVE-2013-1124Feb 28, 2013risk 0.00cvss —epss 0.01
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.
- CVE-2008-1155Apr 16, 2008risk 0.00cvss —epss 0.03
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
- CVE-2006-4983Sep 26, 2006risk 0.00cvss —epss 0.01
Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.
- CVE-2006-4982Sep 26, 2006risk 0.00cvss —epss 0.00
Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using…
- CVE-2006-4430Aug 29, 2006risk 0.00cvss —epss 0.02
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP…