ISAKMP Profile Attribute Processing Bypass Vulnerability

ISAKMP Profile Attribute Processing Bypass Vulnerability

CVE-2005-1058 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.

Learn more about our Cis Benchmark Audit For Apple Ios.