Vulnerabilities (CVE)

Filtered by vendor Cisco Subscribe
Filtered by product Network Admission Control
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1124 2 Apple, Cisco 2 Mac Os X, Network Admission Control 2024-11-21 5.8 MEDIUM N/A
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.
CVE-2008-1155 1 Cisco 1 Network Admission Control 2024-11-21 10.0 HIGH N/A
Cisco Network Admission Control (NAC) Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server (CAS) and Clean Access Manager (CAM) by sniffing error logs.
CVE-2006-4430 1 Cisco 2 Network Admission Control, Network Admission Control Manager And Server System Software 2024-11-21 5.0 MEDIUM N/A
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.