CVE-2005-4332
Gravedad CVSS v2.0:
ALTA
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
17/12/2005
Última modificación:
03/04/2025
Descripción
*** Pendiente de traducción *** Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp.
Impacto
Puntuación base 2.0
9.40
Gravedad 2.0
ALTA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.5:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.6:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.7:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.8:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.3.9:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.1:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.2:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.3:*:*:*:*:*:*:* | ||
| cpe:2.3:a:cisco:network_admission_control_manager_and_server_system_software:3.4.4:*:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://secunia.com/advisories/18103
- http://securityreason.com/securityalert/265
- http://securitytracker.com/id?1015375=
- http://www.awarenetwork.org/forum/viewtopic.php?p=2236
- http://www.cisco.com/warp/public/707/cisco-response-20051221-CCA.shtml
- http://www.osvdb.org/21956
- http://www.osvdb.org/21957
- http://www.osvdb.org/21958
- http://www.securityfocus.com/archive/1/419645/100/0/threaded
- http://www.securityfocus.com/archive/1/420008/100/0/threaded
- http://www.securityfocus.com/bid/15909
- http://www.vupen.com/english/advisories/2005/3007
- http://secunia.com/advisories/18103
- http://securityreason.com/securityalert/265
- http://securitytracker.com/id?1015375=
- http://www.awarenetwork.org/forum/viewtopic.php?p=2236
- http://www.cisco.com/warp/public/707/cisco-response-20051221-CCA.shtml
- http://www.osvdb.org/21956
- http://www.osvdb.org/21957
- http://www.osvdb.org/21958
- http://www.securityfocus.com/archive/1/419645/100/0/threaded
- http://www.securityfocus.com/archive/1/420008/100/0/threaded
- http://www.securityfocus.com/bid/15909
- http://www.vupen.com/english/advisories/2005/3007