Back to search
CVE-2013-3466
Published: Aug 29, 2013
Modified: Aug 6, 2024
PUBLISHED
Description
The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID CSCui57636.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20130828 Cisco Secure Access Control Server Remote Command Execution Vulnerability
vendor-advisory
x_refsource_CISCO
1028958
vdb-entry
x_refsource_SECTRACK
96668
vdb-entry
x_refsource_OSVDB
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now