返回 CVE 瀏覽器

CVE-2004-1099

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0340%

EPSS Percentile9.37th

Published2005年1月10日

Last Modified2026年4月16日

Vulnerability Description

Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username.

Affected Platforms (CPE)

📦

Cisco

Secure Access Control Server

= 3.3\(1\)

📦

Cisco

Secure Access Control Server

= 3.3.1

📦

Cisco

Secure Acs Solution Engine

All versions

References & Advisories

🔗 http://www.ciac.org/ciac/bulletins/p-028.shtml

🔗 http://www.cisco.com/warp/public/707/cisco-sa-20041102-acs-eap-tls.shtml

🔗 http://www.securityfocus.com/bid/11577

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17936

🔗 http://www.ciac.org/ciac/bulletins/p-028.shtml

🔗 http://www.cisco.com/warp/public/707/cisco-sa-20041102-acs-eap-tls.shtml

🔗 http://www.securityfocus.com/bid/11577

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17936

相關漏洞威脅

CVE-2006-409810.0

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Sol...

CVE-2008-053210.0

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Contr...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2016-19089.8

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 serv...