Vulnerabilities > CVE-2007-1800 - Unspecified vulnerability in Cisco Trust Agent
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://osvdb.org/34123
- http://osvdb.org/34123
- http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Dror
- http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Dror
- http://www.cisco.com/en/US/products/products_security_response09186a00808110da.html
- http://www.cisco.com/en/US/products/products_security_response09186a00808110da.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33557
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33557