CVE-2012-5424 - OpenCVE

Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Secure Access Control Server

Configuration 1 [-]

OR	cpe:2.3:a:cisco:secure_access_control_server:5.0:::::::*
	cpe:2.3:a:cisco:secure_access_control_server:5.1:::::::*
	cpe:2.3:a:cisco:secure_access_control_server:5.2:::::::*
	cpe:2.3:a:cisco:secure_access_control_server:5.3:::::::*

No data.

References

Link	Providers
http://osvdb.org/87251
http://secunia.com/advisories/51194
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs
http://www.securityfocus.com/bid/56433
http://www.securitytracker.com/id?1027733
https://exchange.xforce.ibmcloud.com/vulnerabilities/79860

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2012-11-07T23:00:00

Updated: 2024-08-06T21:05:47.240Z

Reserved: 2012-10-17T00:00:00

Link: CVE-2012-5424

Vulnrichment

No data.

NVD

Status : Modified

Published: 2012-11-07T23:55:01.320

Modified: 2017-08-29T01:32:40.667

Link: CVE-2012-5424

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-11-07T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20121107 Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs"}, {"name": "87251", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/87251"}, {"name": "cisco-acs-sec-bypass(79860)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79860"}, {"name": "56433", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56433"}, {"name": "51194", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51194"}, {"name": "1027733", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027733"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2012-5424", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20121107 Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs"}, {"name": "87251", "refsource": "OSVDB", "url": "http://osvdb.org/87251"}, {"name": "cisco-acs-sec-bypass(79860)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79860"}, {"name": "56433", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56433"}, {"name": "51194", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51194"}, {"name": "1027733", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027733"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:05:47.240Z"}, "title": "CVE Program Container", "references": [{"name": "20121107 Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs"}, {"name": "87251", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/87251"}, {"name": "cisco-acs-sec-bypass(79860)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79860"}, {"name": "56433", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/56433"}, {"name": "51194", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51194"}, {"name": "1027733", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027733"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2012-5424", "datePublished": "2012-11-07T23:00:00", "dateReserved": "2012-10-17T00:00:00", "dateUpdated": "2024-08-06T21:05:47.240Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_access_control_server:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B1D9BFE6-C698-493C-98C8-9A3B2962BFB4", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "4095508A-D5DA-4609-82E7-8FA243F08CB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:5.2:*:*:*:*:*:*:*", "matchCriteriaId": "DF26A035-DBF6-4720-82D2-268EF7472F0D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:secure_access_control_server:5.3:*:*:*:*:*:*:*", "matchCriteriaId": "CD5F16F0-84E9-471D-9004-30D3078897DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco Secure Access Control System (ACS) 5.x before 5.2 Patch 11 and 5.3 before 5.3 Patch 7, when a certain configuration involving TACACS+ and LDAP is used, does not properly validate passwords, which allows remote attackers to bypass authentication by sending a valid username and a crafted password string, aka Bug ID CSCuc65634."}, {"lang": "es", "value": "Cisco Secure Access Control System (ACS) v5.x antes v5.2 Patch 11 y v5.3 antes de 5.3 Patch 7, cuando se usa una determinada configuraci\u00f3n que implica TACACS+ y LDAP, no valida correctamente las contrase\u00f1as, lo que permite a atacantes remotos evitar la autenticaci\u00f3n mediante el env\u00edo de un nombre de usuario v\u00e1lido y una contrase\u00f1a modificada a mano. Se trata de un problema tambi\u00e9n conocido como Bug ID CSCuc65634.\r\n"}], "id": "CVE-2012-5424", "lastModified": "2017-08-29T01:32:40.667", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-07T23:55:01.320", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/87251"}, {"source": "ykramarz@cisco.com", "url": "http://secunia.com/advisories/51194"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121107-acs"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/56433"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1027733"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79860"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}