Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-1460 | First vendor Publication | 2004-12-31 |
Vendor | Cve | Last vendor Modification | 2017-07-11 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1460 |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
9184 | Cisco Secure Access Control Server NDS Database Blank Password Authentication Cisco Secure Access Control Server contains a flaw that may allow a remote attacker to successfully authenticate against a Novell Directory Service (NDS) database. The issue occurs when anonymous binds in the NDS are allowed and the ACS Solution Engine authenticates with DNS as the external database instead of generic LDAP. In such a configuration, a remote attacker may be able to authenticate using a blank password instead of valid authentication credentials. |
Sources (Detail)
Source | Url |
---|---|
BID | http://www.securityfocus.com/bid/11047 |
CISCO | http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml |
XF | https://exchange.xforce.ibmcloud.com/vulnerabilities/17117 |
Alert History
Date | Informations |
---|---|
2024-02-02 01:02:41 |
|
2024-02-01 12:01:35 |
|
2023-09-05 12:02:33 |
|
2023-09-05 01:01:26 |
|
2023-09-02 12:02:34 |
|
2023-09-02 01:01:26 |
|
2023-08-12 12:03:06 |
|
2023-08-12 01:01:27 |
|
2023-08-11 12:02:41 |
|
2023-08-11 01:01:28 |
|
2023-08-06 12:02:28 |
|
2023-08-06 01:01:28 |
|
2023-08-04 12:02:32 |
|
2023-08-04 01:01:29 |
|
2023-07-14 12:02:31 |
|
2023-07-14 01:01:28 |
|
2023-03-29 01:02:33 |
|
2023-03-28 12:01:33 |
|
2022-10-11 12:02:15 |
|
2022-10-11 01:01:20 |
|
2021-05-04 12:02:31 |
|
2021-04-22 01:02:41 |
|
2020-05-23 00:16:01 |
|
2017-07-11 12:01:37 |
|
2016-06-28 15:07:04 |
|
2013-05-11 11:45:11 |
|