Vulnerability Note VU#344900
Cisco IOS Easy VPN Server may allow unauthorized users to complete XAUTH authentication
A vulnerability in Cisco IOS Easy VPN Server may allow unauthorized users to complete XAUTH authentication and potentially access private network resources.
Easy VPN Server
Cisco IOS Easy VPN Server allows an IOS device to function as a VPN concentrator, providing authentication and encrypted access to network resources. Easy VPN Server was introduced in IOS 12.2(8)T.
A remote attacker may be able to gain unintended access to the private network on the affected device.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Cisco Systems Inc.||Affected||-||07 Apr 2005|
CVSS Metrics (Learn More)
This vulnerability was reported by the Cisco Systems Product Security Incident Response Team ( PSIRT ).
This document was written by Will Dormann.
- CVE IDs: CAN-2005-1057
- Date Public: 06 Apr 2005
- Date First Published: 08 Jun 2005
- Date Last Updated: 08 Jun 2005
- Severity Metric: 1.89
- Document Revision: 19
If you have feedback, comments, or additional information about this vulnerability, please send us email.