CyberSec.Space Logo
Back to CVE Browser

CVE-2007-0057

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile23.30th
PublishedJan 4, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access.

Affected Platforms (CPE)

πŸ“¦
Cisco

Network Admission Control Manager And Server System Software

>= 3.6.0.0 and <= 3.6.4.2
πŸ“¦
Cisco

Network Admission Control Manager And Server System Software

>= 4.0.0.0 and < 4.0.3.2

References & Advisories

πŸ”— http://osvdb.org/32578
πŸ”— http://secunia.com/advisories/23617
πŸ”— http://securitytracker.com/id?1017465
πŸ”— http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml
πŸ”— http://www.vupen.com/english/advisories/2007/0030
πŸ”— http://osvdb.org/32578
πŸ”— http://secunia.com/advisories/23617
πŸ”— http://securitytracker.com/id?1017465

Related Vulnerabilities

CVE-2007-010010.0

The Perforce client does not restrict the set of files that it overwrites upon receiving a request from the server, which allows r...

CVE-2007-350010.0

Xeweb XEForum allows remote attackers to gain privileges via a modified xeforum cookie.

CVE-2007-049610.0

PHP remote file inclusion vulnerability in lib/nl/nl.php in Neon Labs Website (nlws) 3.2 and earlier allows remote attackers to ex...

CVE-2007-011710.0

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials (BOM) fil...