HIGH🇬🇧 English

CVE-2001-1105

CVSS 7.5v2.0pub. 2001-09-12upd. 2026-04-16

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.

oryginał EN
CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Cisco Icdn

    APP
    Cisco
    2.0
  • Dell Bsafe Ssl J

    APP
    Dell
    3.03.0.13.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2022-34381CRITICAL9.1PL ✓ten sam produkt

Dell BSAFE SSL-J i Crypto-J — niezaktualizowany komponent zewnętrzny umożliwia zdalne przejęcie systemu

CVE-2015-0534HIGH7.5ten sam produkt

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6...

CVE-2004-0079HIGH7.5ten sam produkt

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers ...

CVE-2024-29171MEDIUM5.9ten sam produkt

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verific...

CVE-2024-29172MEDIUM5.9ten sam produkt

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A rem...