Vulnerabilities > Cisco > Network Admission Control Manager AND Server System Software > 3.6.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-18 | CVE-2013-1177 | SQL Injection vulnerability in Cisco Network Admission Control Manager and Server System Software SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095. | 7.5 |
2007-01-04 | CVE-2007-0058 | Information Exposure vulnerability in Cisco Network Admission Control Manager and Server System Software Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (CAM) allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file. | 7.8 |
2007-01-04 | CVE-2007-0057 | Credentials Management vulnerability in Cisco Network Admission Control Manager and Server System Software Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access. | 10.0 |
2006-08-29 | CVE-2006-4430 | Unspecified vulnerability in Cisco products The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. | 5.0 |