Cisco software vulnerable to attack

Robert Westervelt, News Director

Cisco Systems Inc. is warning customers of a flaw in its Cisco Clean Access (CCA) and Clean Access Manager (CAM) software that could be exploited by an attacker to download and view database snapshots without authentication.

The software works together to detect, isolate and clean infected or vulnerable devices that attempt to access the company network.

Cisco's Product Security Incident Response Team (PSIRT) said on Wednesday that the Clean Access Manager has an unchangeable shared secret flaw. Due to this vulnerability, the shared secret cannot be properly set or changed, making it the same across all affected devices. In order to exploit this vulnerability, an attacker must be able to establish a TCP connection to the Clean Access Server, Cisco said in its advisory.

In addition, manual backups of the database taken by the CAM are susceptible to brute force download attacks, Cisco said. A malicious user can guess a file name and download it without authentication. The file itself is not encrypted or otherwise protected, Cisco said.

CCA releases 3.6.x -; 4.0.x - and 3.5.x are affected, as are CAM versions 3.5.9 and 3.6.x -

There are no workarounds for the flaws, PSIRT said.

The following software releases contain the fix for the shared secret flaw:, 4.0.4 and 4.1.0. The readable snapshot flaw is addressed in versions 3.5.10 and 3.6.2. All subsequent releases will contain the fix.
