Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-1124

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2013-1124
Last Modified 01 Mar 2013 10:09:33
Published 28 Feb 2013 06:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-1124

Summary

The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.

Vulnerable Systems

Application

  • Cisco Network Admission Control -


References

CISCO - 20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate


Last Updated: 27 May 2016 10:47:24