Vulnerability Description
Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Catalyst | All versions |
References
- http://marc.info/?l=bugtraq&m=111842833009771&w=2
- http://www.cisco.com/warp/public/707/cisco-sn-20050608-8021x.shtml
- http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+802.1x+Advisory.pdfVendor Advisory
- http://www.securitytracker.com/alerts/2005/Jun/1014135.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20939
- http://marc.info/?l=bugtraq&m=111842833009771&w=2
- http://www.cisco.com/warp/public/707/cisco-sn-20050608-8021x.shtml
- http://www.fishnetsecurity.com/csirt/disclosure/cisco/Cisco+802.1x+Advisory.pdfVendor Advisory
- http://www.securitytracker.com/alerts/2005/Jun/1014135.htmlVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20939
FAQ
What is CVE-2005-1942?
CVE-2005-1942 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages.
How severe is CVE-2005-1942?
CVE-2005-1942 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1942?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Catalyst.