CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2005-1058

Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.6%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5738
http://www.cisco.com/warp/public/707/cisco-sa-20050406-xauth.shtml
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5738

Products affected by CVE-2005-1058

Cisco » Ios » Version: 12.2t

cpe:2.3:o:cisco:ios:12.2t
Cisco » Ios » Version: 12.3

cpe:2.3:o:cisco:ios:12.3
Cisco » Ios » Version: 12.3t

cpe:2.3:o:cisco:ios:12.3t

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2005-1058

Products

Pricing

Contact Us