7.5
CVE-2004-1460
- EPSS 1.57%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:44
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Secure Access Control Server Version3.0
Cisco ≫ Secure Access Control Server Version3.1
Cisco ≫ Secure Access Control Server Version3.2
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_server
Cisco ≫ Secure Access Control Server Version3.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.57% | 0.722 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml
http://www.securityfocus.com/bid/11047
https://exchange.xforce.ibmcloud.com/vulnerabilities/17117