CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2004-1461
https://notcve.org/view.php?id=CVE-2004-1461
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. • http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17118 •
CVSS: 10.0EPSS: 2%CPEs: 3EXPL: 0CVE-2004-1099
https://notcve.org/view.php?id=CVE-2004-1099
Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1, when the EAP-TLS protocol is enabled, does not properly handle expired or untrusted certificates, which allows remote attackers to bypass authentication and gain unauthorized access via a "cryptographically correct" certificate with valid fields such as the username. Cisco Secure Access Control Server para Windows (ACS Windows) y Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) 3.3.1 cuando el protocolo EAP-TLS está permitido, no maneja adecuadamente certificados expirados o no confiables, lo que permite a atacantes remotos saltarse autenticación y ganar acceso no autorizado mediante un certificado "criptográficamente correcto" con campos válidos, como el nombre de usuario. • http://www.ciac.org/ciac/bulletins/p-028.shtml http://www.cisco.com/warp/public/707/cisco-sa-20041102-acs-eap-tls.shtml http://www.securityfocus.com/bid/11577 https://exchange.xforce.ibmcloud.com/vulnerabilities/17936 •