CVE-2007-0058

Cisco Network Admission Control Manag... - Information Disclosure

Title source: rule
STIX 2.1

Description

Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (CAM) allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file.

References (5)

Core 5
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/23556
Broken Link vdb-entry x_refsource_osvdb
http://www.osvdb.org/32579
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0030
Vendor Advisory vendor-advisory x_refsource_cisco
http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1017465

Scores

EPSS 0.0249
EPSS Percentile 82.7%

Details

CWE
CWE-200
Status published
Products (1)
cisco/network_admission_control_manager_and_server_system_software 3.5.0 - 3.5.9
Published Jan 04, 2007
Tracked Since Feb 18, 2026