Authentication Bypass and User Manipulation Vulnerability in Cisco Clean Access (CCA)
CVE-2005-2631 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users.
Learn more about our Api Penetration Testing.