Vulnerabilities > Cisco > Network Admission Control Manager AND Server System Software > 3.6.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-04-18 | CVE-2013-1177 | SQL Injection vulnerability in Cisco Network Admission Control Manager and Server System Software SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095. | 7.5 |
2007-01-04 | CVE-2007-0058 | Information Exposure vulnerability in Cisco Network Admission Control Manager and Server System Software Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (CAM) allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file. | 7.8 |
2007-01-04 | CVE-2007-0057 | Credentials Management vulnerability in Cisco Network Admission Control Manager and Server System Software Cisco Clean Access (CCA) 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access. | 10.0 |