Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Secure ACS 输入信息验证和权限提升漏洞
Vulnerability Description
当Cisco Trust Agent (CTA)发送posture信息时,Cisco Secure ACS没有要求对其进行认证,这使得远程攻击者可以借助一个受骗的Network Endpoint Assessment posture,获得网络访问权限。又称"NACATTACK"。
CVSS Information
N/A
Vulnerability Type
N/A