QwikSec

Security Database

CVE

CWE

Training

CVE-2007-1800

Published: Apr 2, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.blackhat.com/html/bh-europe-07/bh-eu-07-speakers.html#Dror

x_refsource_MISC

vdb-entry

x_refsource_OSVDB

20070330 NACATTACK Presentation

vendor-advisory

x_refsource_CISCO

cisco-acs-cta-unauthorized-access(33557)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.