CVE Vulnerabilities

CVE-2001-1105

Published: Sep 12, 2001 | Modified: Nov 08, 2021
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.

Affected Software

Name Vendor Start Version End Version
Bsafe_ssl-j Dell 3.1 3.1
Icdn Cisco 2.0 2.0
Bsafe_ssl-j Dell 3.0 3.0
Bsafe_ssl-j Dell 3.0.1 3.0.1

References