Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Directory Traversal Vulnerability in Cisco Network Admission Control Manager

cisco-sa-20111005-nac · High · Published · Updated

Cisco Network Admission Control (NAC) Manager contains a directory traversal vulnerability that may allow an unauthenticated attacker to obtain system information. There are no workarounds to mitigate this vulnerability. Cisco has released software updates that address this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-nac.

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds to mitigate this vulnerability.

Additional mitigation techniques that can be deployed on Cisco devices
within the network are available in the Cisco Applied Mitigation Bulletin
companion document for this advisory:
http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20111005-nac["http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20111005-nac"].

CVEsCVE-2011-3305
Cisco Bug IDsCSCtq10755
CVSS ScoreBase 7.8
Base 7.8 AV:N/AC:L/Au:N/C:N/I:C/A:N/E:F/RL:OF/RC:C/CDP:N/TD:N/CR:ND/IR:ND/AR:ND
Product Names From Source
Cisco NAC Appliance Software

Related Products

Product CVE Evidence
Cisco NAC Appliance Software CVE-2011-3305 Cisco OpenVuln