VYPR

Network Admission Control

by Cisco Systems, Inc.

CVEs (5)

  • CVE-2013-1124Feb 28, 2013
    risk 0.00cvss epss 0.01

    The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.

  • CVE-2008-1155Apr 16, 2008
    risk 0.00cvss epss 0.03

    Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.

  • CVE-2006-4983Sep 26, 2006
    risk 0.00cvss epss 0.01

    Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

  • CVE-2006-4982Sep 26, 2006
    risk 0.00cvss epss 0.00

    Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using…

  • CVE-2006-4430Aug 29, 2006
    risk 0.00cvss epss 0.02

    The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP…