Authentication Bypass and User Manipulation Vulnerability in Cisco Clean Access (CCA)

CVE-2005-2631 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users.

Learn more about our Api Penetration Testing.