CVE-2004-1459

Published Dec 31, 2004

Last updated 7 years ago

CVSS info 5.0

Overview

Description: Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "44D05855-C8C1-4243-8438-5A36A01A8F48"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.1:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FB11A75E-2E4B-4B83-B763-CBBC1D9DFB36"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "109147BF-3225-48E4-8BE1-2E5B59921032"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7CDA01B6-6887-40BB-B541-65F198D03219"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "86806D6E-1BDF-4253-AEB7-D9D88D224812"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "680E5A81-6409-4CE7-8496-D7845FD7E851"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.2\\(3\\):*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3868E060-0278-491A-9943-1A2E435C7606"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D2793200-D95D-4BD3-8DF2-4A847230FBE5"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_access_control_server:3.3\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0E587654-B5A0-47A4-BED6-D8DB69AEF566"
          },
          {
            "criteria": "cpe:2.3:a:cisco:secure_acs_solution_engine:*:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3B17AFE8-DEC5-49BD-98EE-051454A632E5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References