{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2005-12-21T00:00:00", "descriptions": [{"lang": "en", "value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"}, {"name": "16025", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16025"}, {"tags": ["x_refsource_MISC"], "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"}, {"name": "22193", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22193"}, {"name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"}, {"name": "18141", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18141"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-4499", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"}, {"name": "16025", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16025"}, {"name": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml", "refsource": "MISC", "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"}, {"name": "22193", "refsource": "OSVDB", "url": "http://www.osvdb.org/22193"}, {"name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"}, {"name": "18141", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18141"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:46:05.525Z"}, "title": "CVE Program Container", "references": [{"name": "20051221 Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"}, {"name": "16025", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16025"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"}, {"name": "22193", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/22193"}, {"name": "20051222 Re: Cisco PIX / CS ACS: Downloadable RADIUS ACLs vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"}, {"name": "18141", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18141"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-4499", "datePublished": "2005-12-22T11:00:00", "dateReserved": "2005-12-22T00:00:00", "dateUpdated": "2024-08-07T23:46:05.525Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vpn_3001_concentrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "786346D5-13D8-45C9-B91D-C2AACF675377", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "D5D50FE2-A4E6-4EF4-A91C-88FB0AF6CCB4", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*", "matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "923949D1-06EC-462F-A3BC-FCAB448042A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*", "matchCriteriaId": "901B1838-7169-41E5-80EF-29BB680BF937", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*", "matchCriteriaId": "CDAEAA5F-0A98-48B7-8012-9B9909243135", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*", "matchCriteriaId": "11DA4B03-2D30-4514-9DF5-5F0DDD4B8DC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*", "matchCriteriaId": "CB38834B-E4AB-43F4-888B-14B088C95594", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*", "matchCriteriaId": "23F8059B-3968-4D63-B1B3-74E545C918D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "701CDA0D-F932-4251-B484-8F20F0AE9003", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*", "matchCriteriaId": "E674AA43-905E-40E0-A70F-77D05C62C18D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*", "matchCriteriaId": "3F0D767F-7142-46D2-B3E4-7FE8E9E3285A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "057A6BA0-5F5E-4FC4-B2EC-A17968EAC2C8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "645AB682-2965-4C8D-B323-AB510E424407", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\\(rel\\):*:*:*:*:*:*:*", "matchCriteriaId": "76F7F019-A0A4-49CD-BB28-24BF7725AC89", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "175CD875-3402-4B06-A3FA-7DFFCBB44056", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "AF61B8A5-31E7-40F5-8B3D-CA90E50618AD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "4C9017BB-5848-4361-ABB9-C69FB3AB90FC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\\(rel\\):*:*:*:*:*:*:*", "matchCriteriaId": "207034E8-35F7-4E78-A3FC-C86D20EB8D9A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "C544E523-15E5-4CE5-8113-53454F5D9973", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "B09F6EBD-C3FC-4680-BE31-A766D863237D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "DF8C3FDA-D321-4202-A8EA-6C1464558A8F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "B68705AB-A133-401F-9F41-64594E071816", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "F9092680-E154-4EAB-A2D5-B692073F894E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*", "matchCriteriaId": "8EF5F3FA-5FA4-408E-BA62-3943C5DFD859", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "ADFC9764-5BF5-449F-9200-5569C13F8309", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "F12F2AAC-DB5B-4C28-86C5-F59490362E54", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "071F52AD-D59B-4673-BCBE-112B94D3EB66", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*", "matchCriteriaId": "80709CB0-D386-4C4F-B3EE-7A0501FD7248", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*", "matchCriteriaId": "B2AFAF42-B894-4D62-A9CF-3349A43191AF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*", "matchCriteriaId": "ABE5BB7F-D8B4-441B-9F45-56F622EEAA52", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*", "matchCriteriaId": "8B87A7EC-DC23-4075-8C4A-2317FF34BDB1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*", "matchCriteriaId": "98AC18E3-D12B-489D-9D95-6C9210235FB3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.f:*:*:*:*:*:*:*", "matchCriteriaId": "E9DB969E-8BE9-46E0-B8AA-5057E320F1ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*", "matchCriteriaId": "36291ADE-3D5A-4E49-8BA7-B71CAAA226B9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "D953DA9F-B54E-4941-85BE-48933C98DB55", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "12E298AD-26AC-4E1D-83D8-5C2016CC6559", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "590283B1-4965-44D3-A0D4-CD90DD6B2D2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*", "matchCriteriaId": "B71DAF71-5763-44D8-AD1E-5ADE8BC15120", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*", "matchCriteriaId": "BFA54782-93A8-47BE-863D-89CA3678BF6E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*", "matchCriteriaId": "67F66A10-246D-447B-941F-F1175684F0D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*", "matchCriteriaId": "82435757-D892-4298-9176-5EC1FEC93037", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "5A90348C-94E2-4F04-A887-E7EFFC1ACF12", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*", "matchCriteriaId": "1F5E136E-9215-46A8-A40A-AE964C588A38", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "17196F00-9D7A-4AF6-AE1E-EA2E450A8ABD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "32200DE2-71BA-417C-AF24-3BE549A68711", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1.f:*:*:*:*:*:*:*", "matchCriteriaId": "25F3F37E-4BBD-4A0E-A1DF-64602D75207D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:pix_asa_ids:*:*:*:*:*:*:*:*", "matchCriteriaId": "701810DC-0A46-4D01-90BD-03AAF277E4DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*", "matchCriteriaId": "ECBC761F-A8F5-4CD8-B19C-5CE8FFC58FDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:pix_firewall:6.2.3_\\(110\\):*:*:*:*:*:*:*", "matchCriteriaId": "900DC321-4CEF-4810-8247-B82FE93F48BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:pix_firewall:6.3.3_\\(133\\):*:*:*:*:*:*:*", "matchCriteriaId": "422F8E64-2376-4E82-A1A2-916BFB7172AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE5C8F8B-4F20-4635-81FF-92F144F43793", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.0:*:unix:*:*:*:*:*", "matchCriteriaId": "22B6CD99-5B21-4961-AD47-B1722E586664", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.1:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "3BF391B2-17C6-4633-8CE9-35B637BFDC79", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:unix:*:*:*:*:*", "matchCriteriaId": "7889030E-97F7-4CCD-8050-5250B1F58C26", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "26B0CB70-CC82-4FF1-882C-0712354DA113", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3.5.1:*:unix:*:*:*:*:*", "matchCriteriaId": "543A3774-28EB-406D-830E-957B5E9E7A66", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.3.6.1:*:unix:*:*:*:*:*", "matchCriteriaId": "B0B5C19A-58BB-4A7A-886D-3567B37F466D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.4:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "4126D9DE-A75E-4A9E-9DA7-1477D5688872", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.5:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "0354C50C-4104-4960-B1EE-F212CD3D6AE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "DE9B81AC-1D16-4FDF-B438-3D3ED2BE9538", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.2:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "8F515D7A-D663-49F0-8F12-1484000505FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "A668278F-8080-4295-95EB-88341478D16B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.6.4:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "A66BED35-F385-4A0C-9416-6F007536133E", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:2.42:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "5EA57609-522C-4431-92AE-4FF11AA67320", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "44D05855-C8C1-4243-8438-5A36A01A8F48", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "A60B49A7-B569-4485-A6B3-E14B9FB96950", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "FA889730-B2FF-4219-BBCA-A4364BA61EAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0.3:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "8731D5CC-A6F9-48DB-B1D1-FD50CEAC63D1", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "FB11A75E-2E4B-4B83-B763-CBBC1D9DFB36", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1.1:*:windows_nt:*:*:*:*:*", "matchCriteriaId": "DFFE6A50-B704-42BB-8FFF-27E9F4D3B576", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:*:*:*:*:*:*", "matchCriteriaId": "109147BF-3225-48E4-8BE1-2E5B59921032", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*", "matchCriteriaId": "7CDA01B6-6887-40BB-B541-65F198D03219", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "86806D6E-1BDF-4253-AEB7-D9D88D224812", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1.20\\):*:*:*:*:*:*:*", "matchCriteriaId": "B0BD6882-379C-4EA7-8E51-124273C5A56F", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "680E5A81-6409-4CE7-8496-D7845FD7E851", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "3868E060-0278-491A-9943-1A2E435C7606", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F39D3441-C84A-403A-ACB4-8019579EE4DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "61ED039B-C3E6-4BC8-A97A-351EC9CEAF16", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "D2793200-D95D-4BD3-8DF2-4A847230FBE5", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "0E587654-B5A0-47A4-BED6-D8DB69AEF566", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F07B954-817F-47AC-BCAC-3DA697A6E2F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "0CC1B599-05C0-4FB5-A47B-5D858DAB43A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:vpn_3002_hardware_client:*:*:*:*:*:*:*:*", "matchCriteriaId": "12ECF578-84BF-4F41-9462-C09FA517F2A0", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*", "matchCriteriaId": "151D5A44-2D0D-478A-B011-A0892817B814", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*", "matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*", "matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*", "matchCriteriaId": "286199EA-71CF-46B4-9131-F1752C2EA82D", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*", "matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*", "matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*", "matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall:*:*:*:*:*:*:*:*", "matchCriteriaId": "F2C5A417-C48D-4799-A766-7B231ADF27C7", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "026A2C0D-AD93-49DC-AF72-8C12AD565B2B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.0:*:*:*:*:*:*:*", "matchCriteriaId": "920FAF7C-2964-497B-B1F8-3B060AAB4C55", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:3.1:*:*:*:*:*:*:*", "matchCriteriaId": "2D499F38-A34C-44D0-A061-C3AE08CF178B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "63E564B5-A39F-4837-93B8-1331CD975D4F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "1EEDB9DD-C862-4783-9F96-88836424B298", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.1\\(6b\\):*:*:*:*:*:*:*", "matchCriteriaId": "3BD36C4A-4B90-4012-B4A5-6081C413E302", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2:*:*:*:*:*:*:*", "matchCriteriaId": "C39A993C-5A36-4D3F-B8B6-9B3252713127", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "B1C4F7D5-DCD0-409C-86BF-A96A5253DF64", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "8198D129-76D0-4983-BFC4-8EC724FE1B6A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.2\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "6BEECFAA-9DD5-4950-B9F1-CF8582225314", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.3:*:*:*:*:*:*:*", "matchCriteriaId": "49566EAC-05AF-4880-8000-351AF538E4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "23E9FBEE-3213-47FA-8CBA-C285533265FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "118CBF59-DAD8-468E-B279-F6359E4624F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(7.202\\):*:*:*:*:*:*:*", "matchCriteriaId": "957E6F8F-6881-44DE-A687-9D1E0C13F6CE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:4.4\\(8\\):*:*:*:*:*:*:*", "matchCriteriaId": "E56328FE-F499-4325-AFEC-45BFEAB7662D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "7AA2E425-904C-4070-8F5F-B81BCF3147F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "604CF950-5D4B-4DC6-819E-0528B22CB05C", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E12887E5-A2BB-4B1E-9621-2961458BCE21", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.1\\(4.206\\):*:*:*:*:*:*:*", "matchCriteriaId": "3B5BE2F7-687C-477B-818B-A102526DF36D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "999A0969-60EB-4B2E-A274-9F05D9F840E5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "626E41D2-A5EF-493D-9486-3D9BC3793EAC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "EBA31E4D-2215-4E4A-BCCC-B3D922CB752D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(3.210\\):*:*:*:*:*:*:*", "matchCriteriaId": "4F16AD2C-1CC1-43D9-A944-F67071B62E66", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "A42FFBF7-9ADB-4F14-BED8-F2E53BEE7B62", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(6\\):*:*:*:*:*:*:*", "matchCriteriaId": "25D16481-CA9A-4B4D-AC9D-3A4F0387FF19", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(7\\):*:*:*:*:*:*:*", "matchCriteriaId": "56E4588E-6C1F-4720-8082-0EF299435CB9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.2\\(9\\):*:*:*:*:*:*:*", "matchCriteriaId": "D24E0E92-59D7-4B16-8B0D-2FD0EE821D93", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "ED24C763-7558-4AC0-AE10-FDA3D3078D27", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "4CC85ED3-B598-4A87-A2B8-8D3B52ECC2F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(1.200\\):*:*:*:*:*:*:*", "matchCriteriaId": "C84CE24E-4ED6-43D0-A234-FBD24D22A8A2", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "FF84B9FE-7C6C-4578-A5A9-EF0D5EEEEC19", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:5.3\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "72C3E2B4-3A36-44B5-90D3-1BF9FAD98579", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "58BE9C02-2A01-4F6F-A6BD-BC0173561E9B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C558CED8-8342-46CB-9F52-580B626D320E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F85D19E-6C26-429D-B876-F34238B9DAAF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "FEC7CCF7-CBC6-4EDC-8EDD-884DFFFBCC7D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "E5011A33-CD6D-4EFC-ACFD-E51C9AE726A3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.0\\(4.101\\):*:*:*:*:*:*:*", "matchCriteriaId": "09063867-0E64-4630-B35B-4CCA348E4DAB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F98CD7-A352-483C-9968-8FB2627A7CBD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F97FE485-705F-4707-B6C6-0EF9E8A85D5F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E2B925E8-D2C2-4E8C-AC21-0C422245C482", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B9170562-872E-4C32-869C-B10FF35A925E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0927A68-8BB2-4F03-8396-E9CACC158FC0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "559DDBA3-2AF4-4A0C-B219-6779BA931F21", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.1.5\\(104\\):*:*:*:*:*:*:*", "matchCriteriaId": "F76AED68-8304-4BC6-9D98-64231B08A6A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "ED9D142A-DDC8-4BD6-8C22-F242C9C0B1ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "5226C9CC-6933-4F10-B426-B47782C606FD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "757DAE9A-B25D-4B8A-A41B-66C2897B537E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E3DC170-E279-4725-B9EE-6840B5685CC9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.2\\(3.100\\):*:*:*:*:*:*:*", "matchCriteriaId": "8091EDA9-BD18-47F7-8CEC-E086238647C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "CE05B514-F094-4632-B25B-973F976F6409", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3392428D-1A85-4472-A276-C482A78E2CE1", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "B0D74D2C-662B-4D24-89EE-3DB73F96BBF5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.102\\):*:*:*:*:*:*:*", "matchCriteriaId": "40954985-16E6-4F37-B014-6A55166AE093", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(3.109\\):*:*:*:*:*:*:*", "matchCriteriaId": "0C097809-1FEF-4417-A201-42291CC29122", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "5E6D5FD3-CF95-4A3B-9ADB-CEC77F73CA78", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS."}], "id": "CVE-2005-4499", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-22T11:03:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/18141"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/22193"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/16025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/18141"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_field_notice09186a00805bf1c4.shtml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/22193"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/420020/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/420103/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/16025"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}