Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco IOS XE Software MACsec MKA Using EAP-TLS Authentication Bypass Vulnerability
Vulnerability Description
A vulnerability in the MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass authentication and pass traffic through a Layer 3 interface of an affected device. The vulnerability is due to a logic error in the affected software. An attacker could exploit this vulnerability by connecting to and passing traffic through a Layer 3 interface of an affected device, if the interface is configured for MACsec MKA using EAP-TLS and is running in access-session closed mode. A successful exploit could allow the attacker to bypass 802.1x network access controls and gain access to the network.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Cisco IOS XE Software 访问控制错误漏洞
Vulnerability Description
Cisco IOS XE Software是美国思科(Cisco)公司的一套为其网络设备开发的操作系统。 Cisco IOS XE Software中的MACsec Key Agreement (MKA) using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS)功能存在访问控制错误漏洞,该漏洞源于受影响的软件中存在逻辑错误。攻击者可通过连接Layer 3接口并发送流量利用该漏洞绕过802.1x网络访问控制,获取网
CVSS Information
N/A
Vulnerability Type
N/A