The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a tacacs-server host command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Anomaly_guard_module | Cisco | 5.0(1) (including) | 5.0(1) (including) |
| Anomaly_guard_module | Cisco | 5.0(3) (including) | 5.0(3) (including) |
| Guard | Cisco | 5.0(1) (including) | 5.0(1) (including) |
| Guard | Cisco | 5.0(3) (including) | 5.0(3) (including) |
| Traffic_anomaly_detector_module | Cisco | 5.0(1) (including) | 5.0(1) (including) |
| Traffic_anomaly_detector_module | Cisco | 5.0(3) (including) | 5.0(3) (including) |
References
- http://secunia.com/advisories/18904
- http://securityreason.com/securityalert/435
- http://securitytracker.com/id?1015637
- http://securitytracker.com/id?1015638
- http://www.cisco.com/en/US/products/products_security_advisory09186a008060519a.shtml
- http://www.osvdb.org/23237
- http://www.securityfocus.com/bid/16661
- http://www.vupen.com/english/advisories/2006/0612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24689
- http://secunia.com/advisories/18904
- http://securityreason.com/securityalert/435
- http://securitytracker.com/id?1015637
- http://securitytracker.com/id?1015638
- http://www.cisco.com/en/US/products/products_security_advisory09186a008060519a.shtml
- http://www.osvdb.org/23237
- http://www.securityfocus.com/bid/16661
- http://www.vupen.com/english/advisories/2006/0612
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24689