Vulnerability Description
Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Network Admission Control Manager And Server System Software | >= 3.6.0.0, <= 3.6.4.2 |
Related Weaknesses (CWE)
References
- http://osvdb.org/32578Broken Link
- http://secunia.com/advisories/23617Third Party Advisory
- http://securitytracker.com/id?1017465Third Party AdvisoryVDB Entry
- http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtmlPatchVendor Advisory
- http://www.vupen.com/english/advisories/2007/0030Third Party Advisory
- http://osvdb.org/32578Broken Link
- http://secunia.com/advisories/23617Third Party Advisory
- http://securitytracker.com/id?1017465Third Party AdvisoryVDB Entry
- http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtmlPatchVendor Advisory
- http://www.vupen.com/english/advisories/2007/0030Third Party Advisory
FAQ
What is CVE-2007-0057?
CVE-2007-0057 is a vulnerability with a CVSS score of 10.0 (HIGH). Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the s...
How severe is CVE-2007-0057?
CVE-2007-0057 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0057?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Network Admission Control Manager And Server System Software.