Cisco Clean Access Secure Smart Manager Authentication Bypass and Denial of Service Vulnerability

Cisco Clean Access Secure Smart Manager Authentication Bypass and Denial of Service Vulnerability

CVE-2005-4332 · HIGH Severity

AV:N/AC:L/AU:N/C:N/I:C/A:C

Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp.

Learn more about our Web Application Penetration Testing UK.