NVD

Id
37374  
Name
CVE-2013-1124  
Description
The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.  
Reject
 
CVSS Version
2  
CVSS Score
5.8  
Severity
Medium  
CVSS Base Score
5.8  
CVSS Impact Subscore
4.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:P/I:P/A:N)  
Pub Date
2017-01-18  
Published
2013-02-28  
Modified Date
2013-03-01  
Seq
2013-1124  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
190837 37374 CVE-2013-1124 20130227 Cisco Network Admission Control Mac Agent Connects to ISE Server with Untrusted SSL Certificate  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
20132 JVNDB-2013-001707 Mac OS X 上で稼働する Cisco NAC エージェントにおける ISE サーバになりすまされる脆弱性 Mac OS X 上で稼働する Cisco Network Admission Control (NAC) エージェントは、SSL セッションの際、Identity Services Engine (ISE) サーバの X.509 証明書を検証しないため、ISE サーバになりすまされる脆弱性が存在します。 CVE-2013-1124 61066 CVE-2013-1124 37374 5.8 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001707.html 2013-02-27 2013-03-04 View