Vulnerability Details CVE-2006-4983
Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf
- http://www.osvdb.org/30977
- http://www.securityfocus.com/archive/1/446421/100/0/threaded
- http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf
- http://www.osvdb.org/30977
- http://www.securityfocus.com/archive/1/446421/100/0/threaded
Products affected by CVE-2006-4983
-
cpe:2.3:o:cisco:network_access_control:-