Cisco issued an urgent security advisory on Wednesday warning users about a critical vulnerability that exists in the company's NAC appliance. The vulnerability allows an attacker to obtain the shared secret that is used between the Cisco Clean Access Server (CAS) and the Cisco Clean Access Manager (CAM). An attacker can obtain the shared secret from error logs that are transmitted over the network. Obtaining this information could enable an attacker to gain complete control of the CAS remotely. Cisco has forgone its biannual patching cycle to release this patch, The vulnerability rating is listed as a 10 on the CVSS scale. The patch is available here.
More from Cisco Subnet:
What not to love about Cisco routers as Linux app servers
Cisco partners must grow Cisco reseller business by $20B
Cisco drops plans to beta CCDE practical exam
Cisco's skill shortage math doesn't add up
3Com and Cisco dumb and dumber?
Nexus: Hands on with NX-OS
CCNP lab essentials
Jeff Doyle: Understanding MPLSGo to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more.
20 useful sites for Cisco networking professionals
This month's Cisco Subnet giveaways
Network World's IT Buyer's Guide: Cisco products
Subscribe to Network World's Cisco Alert, which includes a weekly digest of all Cisco Subnet items
|
Does Verizon's Voyager stack up to the iPhone? |
|
|
5 IT skills that won't boost your salary 
[1,407]
Women 4 times more likely than men to cough up personal info [589]
Japan's 10 funniest tech-related commercials [Videos] [407]
Throwing away a promo CD is "unauthorized distribution"? [1,265]
Adults too quick to dismiss educational video games [682]
Attack of the iPhone clones [Slideshow] [578]
10 things IT needs to know about AJAX [1,258]
This Year's 25 Geekiest 25th Anniversaries [Slideshow] [409]
|
|
