Vulnslist

find the latest Cisco vulnerabilities

Multiple Vulnerabilities in 802.1X Supplicant

cisco-sa-20070221-supplicant · High · Published · Updated

The Cisco Secure Services Client (CSSC) is a software client that enables customers to deploy a single authentication framework using the 802.1X authentication standard across multiple device types to access both wired and wireless networks. A lightweight version of the CSSC client is also a component of the Cisco Trust Agent (CTA) within the Cisco Network Admission Control (NAC) Framework solution. These products are affected by multiple vulnerabilities including privilege escalations and information disclosure. Cisco Security Agent (CSA) bundle versions 5.0 and 5.1 included Cisco Trust Agent software within the bundle. Customers who have deployed CTA as part of their CSA client package may be vulnerable if the version of CTA included is a version which is affected. This vulnerability does not impact the the CSA client or server software. Cisco has made free software available to address these vulnerabilities for affected customers. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20070221-supplicant.

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2007-1064, CVE-2007-1065, CVE-2007-1066, CVE-2007-1068
Cisco Bug IDsNA
CVSS ScoreBase 7.0
Product Names From Source
Cisco Security Agent, Cisco Trust Agent, Cisco Secure Services Client, Cisco Meetinghouse AEGIS SecureConnect

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2007-1068 Cisco OpenVuln
Cisco RV Series Routers CVE-2007-1066 Cisco OpenVuln
Cisco RV Series Routers CVE-2007-1065 Cisco OpenVuln
Cisco RV Series Routers CVE-2007-1064 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2007-1068 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2007-1066 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2007-1065 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2007-1064 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2007-1068 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2007-1066 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2007-1065 Cisco OpenVuln
Cisco Catalyst PON Series Switches CVE-2007-1064 Cisco OpenVuln
Cisco Application Centric Infrastructure Virtual Edge CVE-2007-1068 Cisco OpenVuln
Cisco Application Centric Infrastructure Virtual Edge CVE-2007-1066 Cisco OpenVuln
Cisco Application Centric Infrastructure Virtual Edge CVE-2007-1065 Cisco OpenVuln
Cisco Application Centric Infrastructure Virtual Edge CVE-2007-1064 Cisco OpenVuln
Cisco Trust Agent CVE-2007-1068 Cisco OpenVuln
Cisco Trust Agent CVE-2007-1066 Cisco OpenVuln
Cisco Trust Agent CVE-2007-1065 Cisco OpenVuln
Cisco Trust Agent CVE-2007-1064 Cisco OpenVuln
Cisco Security Agent CVE-2007-1068 Cisco OpenVuln
Cisco Security Agent CVE-2007-1066 Cisco OpenVuln
Cisco Security Agent CVE-2007-1065 Cisco OpenVuln
Cisco Security Agent CVE-2007-1064 Cisco OpenVuln
Cisco Secure Services Client CVE-2007-1068 Cisco OpenVuln
Cisco Secure Services Client CVE-2007-1066 Cisco OpenVuln
Cisco Secure Services Client CVE-2007-1065 Cisco OpenVuln
Cisco Secure Services Client CVE-2007-1064 Cisco OpenVuln
Cisco Meetinghouse AEGIS SecureConnect CVE-2007-1068 Cisco OpenVuln
Cisco Meetinghouse AEGIS SecureConnect CVE-2007-1066 Cisco OpenVuln
Cisco Meetinghouse AEGIS SecureConnect CVE-2007-1065 Cisco OpenVuln
Cisco Meetinghouse AEGIS SecureConnect CVE-2007-1064 Cisco OpenVuln