Two vulnerabilities have been identified in Cisco Clean Access (CCA), which could be exploited by remote attackers to bypass security restrictions or gain knowledge of sensitive information.
The first issue is due to a design error where the shared secret configured during the initial Cisco Clean Access Manager (CAM) and Cisco Clean Access Server (CAS) setup is not properly set and can not be modified, which could be exploited by remote unauthenticated attackers to gain unauthorized administrative access to a vulnerable server.
The second vulnerability is caused due to a design error where manual backups of the database (snapshots) taken on CAM are created with predictable file names, which could be exploited by remote attackers to guess the database file name and download it without authentication.
Credits
Vulnerabilities reported by the vendor and Chris Hartley (Ohio State University)
ChangeLog
2007-01-03 : Initial release
Vulnerability Management
Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
French
