HIGH🇵🇱 Wersja polska

CVE-2001-1105

CVSS 7.5v2.0pub. 2001-09-12upd. 2026-04-16

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.

CVSS Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
  • Cisco Icdn

    APP
    Cisco
    2.0
  • Dell Bsafe Ssl J

    APP
    Dell
    3.03.0.13.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2022-34381CRITICAL9.1PL ✓ten sam produkt

Dell BSAFE SSL-J i Crypto-J — niezaktualizowany komponent zewnętrzny umożliwia zdalne przejęcie systemu

CVE-2015-0534HIGH7.5ten sam produkt

EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6...

CVE-2004-0079HIGH7.5ten sam produkt

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers ...

CVE-2024-29171MEDIUM5.9ten sam produkt

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains an Improper certificate verific...

CVE-2024-29172MEDIUM5.9ten sam produkt

Dell BSAFE SSL-J, versions prior to 6.6 and versions 7.0 through 7.2, contains a deadlock vulnerability. A rem...