Cisco: >> Network Admission Control Manager And Server System Software >> 3.5.8 Security Vulnerabilities
SQL injection vulnerability in Cisco Network Admission Control (NAC) Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095.
CVSS Score
7.5
EPSS Score
0.004
Published
2013-04-18
Cisco Clean Access (CCA) 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager (CAM) allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file.
CVSS Score
7.8
EPSS Score
0.011
Published
2007-01-04