Details of VAR-200512-0320

ID

VAR-200512-0320

CVE

CVE-2005-4825

TITLE

Secure Smart Manager Cisco Clean Access Denial of service attack vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200512-879

DESCRIPTION

Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332. Cisco Clean Access (CCA) is prone to a denial-of-service vulnerability

Trust: 1.26

sources: NVD: CVE-2005-4825 // BID: 88665 // VULHUB: VHN-16033

AFFECTED PRODUCTS

vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5.5	Trust: 1.6
vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5.4	Trust: 1.6
vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5.3	Trust: 1.6
vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5\(9\)	Trust: 1.0
vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5.2	Trust: 1.0
vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5.1	Trust: 1.0
vendor:	cisco	model:	network admission control manager and server system software	scope:	eq	version:	3.5	Trust: 1.0
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5.5	Trust: 0.9
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5.4	Trust: 0.9
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5.3	Trust: 0.9
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5.2	Trust: 0.9
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5.1	Trust: 0.9
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5	Trust: 0.9
vendor:	cisco	model:	clean access	scope:	eq	version:	3.59	Trust: 0.6
vendor:	cisco	model:	clean access	scope:	eq	version:	3.5(9)	Trust: 0.3

sources: BID: 88665 // CNNVD: CNNVD-200512-879 // NVD: CVE-2005-4825

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-4825
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200512-879
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-16033
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-4825
severity:	MEDIUM
baseScore:	5.7
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-16033
severity:	MEDIUM
baseScore:	5.7
vectorString:	AV:A/AC:M/AU:N/C:N/I:N/A:C
accessVector:	ADJACENT_NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	5.5
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-16033 // CNNVD: CNNVD-200512-879 // NVD: CVE-2005-4825

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-4825

THREAT TYPE

specific network environment

Trust: 0.6

sources: CNNVD: CNNVD-200512-879

TYPE

unknown

Trust: 0.6

sources: CNNVD: CNNVD-200512-879

EXTERNAL IDS

db:	NVD	id:	CVE-2005-4825	Trust: 2.0
db:	OSVDB	id:	21959	Trust: 1.7
db:	CNNVD	id:	CNNVD-200512-879	Trust: 0.7
db:	BUGTRAQ	id:	20051216 DOS IN CISCO CLEAN ACCESS	Trust: 0.6
db:	CISCO	id:	20051221 RESPONSE TO DOS IN CISCO CLEAN ACCESS	Trust: 0.6
db:	BID	id:	88665	Trust: 0.4
db:	VULHUB	id:	VHN-16033	Trust: 0.1

sources: VULHUB: VHN-16033 // BID: 88665 // CNNVD: CNNVD-200512-879 // NVD: CVE-2005-4825

REFERENCES

url:	http://www.securityfocus.com/archive/1/419645/30/0/threaded	Trust: 2.0
url:	http://www.cisco.com/warp/public/707/cisco-response-20051221-cca.shtml	Trust: 2.0
url:	http://www.osvdb.org/21959	Trust: 1.7

sources: VULHUB: VHN-16033 // BID: 88665 // CNNVD: CNNVD-200512-879 // NVD: CVE-2005-4825

CREDITS

Unknown

Trust: 0.3

sources: BID: 88665

SOURCES

db:	VULHUB	id:	VHN-16033
db:	BID	id:	88665
db:	CNNVD	id:	CNNVD-200512-879
db:	NVD	id:	CVE-2005-4825

LAST UPDATE DATE

2024-08-14T14:35:41.347000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-16033	date:	2018-10-30T00:00:00
db:	BID	id:	88665	date:	2005-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200512-879	date:	2007-01-30T00:00:00
db:	NVD	id:	CVE-2005-4825	date:	2018-10-30T16:26:16.310

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-16033	date:	2005-12-31T00:00:00
db:	BID	id:	88665	date:	2005-12-31T00:00:00
db:	CNNVD	id:	CNNVD-200512-879	date:	2005-12-31T00:00:00
db:	NVD	id:	CVE-2005-4825	date:	2005-12-31T05:00:00