CVE-2005-2105
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
05/07/2005
Last modified:
03/04/2025
Description
Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:cisco:ios:12.2\(2\)xr:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2\(4\)xr:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xb:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xc:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xd:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xe:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xf:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xg:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xh:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xi:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xj:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xk:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xl:*:*:*:*:*:*:* | ||
| cpe:2.3:o:cisco:ios:12.2xm:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml
- http://www.securitytracker.com/alerts/2005/Jun/1014330.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21190
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5756
- http://www.cisco.com/warp/public/707/cisco-sa-20050629-aaa.shtml
- http://www.securitytracker.com/alerts/2005/Jun/1014330.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21190
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5756