Details of VAR-200506-0007

ID

VAR-200506-0007

CVE

CVE-2005-1942

TITLE

Cisco switches Bypass security check vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200506-100

DESCRIPTION

Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages. Catalyst is prone to a security bypass vulnerability

Trust: 1.26

sources: NVD: CVE-2005-1942 // BID: 89879 // VULHUB: VHN-13151

AFFECTED PRODUCTS

vendor:	cisco	model:	catalyst	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	catalyst	scope:	eq	version:	0	Trust: 0.3

sources: BID: 89879 // CNNVD: CNNVD-200506-100 // NVD: CVE-2005-1942

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-1942
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200506-100
value:	HIGH
Trust: 0.6
VULHUB:	VHN-13151
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2005-1942
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13151
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13151 // CNNVD: CNNVD-200506-100 // NVD: CVE-2005-1942

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-1942

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200506-100

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200506-100

EXTERNAL IDS

db:	SECTRACK	id:	1014135	Trust: 2.0
db:	NVD	id:	CVE-2005-1942	Trust: 2.0
db:	XF	id:	20939	Trust: 0.9
db:	CNNVD	id:	CNNVD-200506-100	Trust: 0.7
db:	CISCO	id:	20050608 CISCO 802.1X VOICE-ENABLED INTERFACES ALLOW ANONYMOUS VOICE VLAN ACCESS	Trust: 0.6
db:	BUGTRAQ	id:	20050610 VOICE VLAN ACCESS/ABUSE POSSIBLE ON CISCO VOICE-ENABLED, 802.1X-SECURED INTERFACES VULNERABILITY DISCOVERY: FISHNET SECURITY	Trust: 0.6
db:	BID	id:	89879	Trust: 0.4
db:	VULHUB	id:	VHN-13151	Trust: 0.1

sources: VULHUB: VHN-13151 // BID: 89879 // CNNVD: CNNVD-200506-100 // NVD: CVE-2005-1942

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sn-20050608-8021x.shtml	Trust: 2.0
url:	http://www.fishnetsecurity.com/csirt/disclosure/cisco/cisco+802.1x+advisory.pdf	Trust: 2.0
url:	http://www.securitytracker.com/alerts/2005/jun/1014135.html	Trust: 2.0
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/20939	Trust: 1.1
url:	http://marc.info/?l=bugtraq&m=111842833009771&w=2	Trust: 1.0
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=111842833009771&w=2	Trust: 0.9
url:	http://xforce.iss.net/xforce/xfdb/20939	Trust: 0.9
url:	http://marc.info/?l=bugtraq&m=111842833009771&w=2	Trust: 0.1

sources: VULHUB: VHN-13151 // BID: 89879 // CNNVD: CNNVD-200506-100 // NVD: CVE-2005-1942

CREDITS

Unknown

Trust: 0.3

sources: BID: 89879

SOURCES

db:	VULHUB	id:	VHN-13151
db:	BID	id:	89879
db:	CNNVD	id:	CNNVD-200506-100
db:	NVD	id:	CVE-2005-1942

LAST UPDATE DATE

2024-08-14T14:48:04.095000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13151	date:	2017-07-11T00:00:00
db:	BID	id:	89879	date:	2005-06-10T00:00:00
db:	CNNVD	id:	CNNVD-200506-100	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-1942	date:	2017-07-11T01:32:45.187

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13151	date:	2005-06-10T00:00:00
db:	BID	id:	89879	date:	2005-06-10T00:00:00
db:	CNNVD	id:	CNNVD-200506-100	date:	2005-06-10T00:00:00
db:	NVD	id:	CVE-2005-1942	date:	2005-06-10T04:00:00