RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
AV:N/AC:L/Au:N/C:P/I:P/A:PCisco Icdn
APPCisco2.0Dell Bsafe Ssl J
APPDell3.03.0.13.1
Related vulnerabilities
Dell BSAFE SSL-J i Crypto-J — niezaktualizowany komponent zewnętrzny umożliwia zdalne przejęcie systemu
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6...
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers ...
Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verific...
Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A rem...