CVE-2005-2631 Information

Description

Cisco Clean Access (CCA) 3.3.0 to 3.3.9 3.4.0 to 3.4.5 and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods which could allow remote attackers to bypass security checks change the assigned role of a user or disconnect users.

Reference

http://secunia.com/advisories/16472/ http://www.cisco.com/warp/public/707/cisco-sa-20050817-cca.shtml http://www.securityfocus.com/bid/14585 https://exchange.xforce.ibmcloud.com/vulnerabilities/21884