published date: July 5, 2005

CVE-2005-2105 : Cisco IOS 12.2T through...

Description

Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username.

Product(s):

Cisco IOS 12.2(2)XR
Cisco IOS 12.2(4)XR
Cisco IOS 12.2T
Cisco IOS 12.2XB
Cisco IOS 12.2XC
Cisco IOS 12.2XD
Cisco IOS 12.2XE
Cisco IOS 12.2XF
Cisco IOS 12.2XG
Cisco IOS 12.2XH
Cisco IOS 12.2XI
Cisco IOS 12.2XJ
Cisco IOS 12.2XK
Cisco IOS 12.2XL
Cisco IOS 12.2XM
Cisco IOS 12.2XQ
Cisco IOS 12.2XR
Cisco IOS 12.2XT
Cisco IOS 12.2XW
Cisco IOS 12.2YA
Cisco IOS 12.2YB
Cisco IOS 12.2YC
Cisco IOS 12.2YD
Cisco IOS 12.2YF
Cisco IOS 12.2YG
Cisco IOS 12.2YH
Cisco IOS 12.2YJ
Cisco IOS 12.2YL
Cisco IOS 12.2YM
Cisco IOS 12.2YN
Cisco IOS 12.2YP
Cisco IOS 12.2YQ
Cisco IOS 12.2YR
Cisco IOS 12.2YT
Cisco IOS 12.2YU
Cisco IOS 12.2YV
Cisco IOS 12.2YW
Cisco IOS 12.2YY
Cisco IOS 12.2ZB
Cisco IOS 12.2ZC
Cisco IOS 12.2ZD
Cisco IOS 12.2ZE
Cisco IOS 12.2ZF
Cisco IOS 12.2ZG
Cisco IOS 12.2ZH
Cisco IOS 12.2ZJ
Cisco IOS 12.2ZL
Cisco IOS 12.2ZN
Cisco IOS 12.2ZO
Cisco IOS 12.2ZP
Cisco IOS 12.3B
Cisco IOS 12.3BC
Cisco IOS 12.3BW
Cisco IOS 12.3JA
Cisco IOS 12.3T
Cisco IOS 12.3XA
Cisco IOS 12.3XB
Cisco IOS 12.3XC
Cisco IOS 12.3XD
Cisco IOS 12.3XE
Cisco IOS 12.3XF
Cisco IOS 12.3XG
Cisco IOS 12.3XH
Cisco IOS 12.3XI
Cisco IOS 12.3XJ
Cisco IOS 12.3XK
Cisco IOS 12.3XL
Cisco IOS 12.3XM
Cisco IOS 12.3XN
Cisco IOS 12.3XQ
Cisco IOS 12.3XR
Cisco IOS 12.3XS
Cisco IOS 12.3XT
Cisco IOS 12.3XU
Cisco IOS 12.3XW
Cisco IOS 12.3XX
Cisco IOS 12.3XY
Cisco IOS 12.3YA
Cisco IOS 12.3YB
Cisco IOS 12.3YD
Cisco IOS 12.3YF
Cisco IOS 12.3YG
Cisco IOS 12.3YH
Cisco IOS 12.3YI
Cisco IOS 12.3YJ
Cisco IOS 12.3YK
Cisco IOS 12.3YL
Cisco IOS 12.3YN
Cisco IOS 12.3YQ
Cisco IOS 12.3YR
Cisco IOS 12.3YS
Cisco IOS 12.4

CVSS:7.5 [Critical]
EPSS:0.78%
Exploitability:10
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2005-2105, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2005-2105 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

https://nvd.nist.gov/vuln/detail/CVE-2005-2105

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales