Cisco warns of vulnerabilities in NAC product

Two issues in Cisco's Clean Access software could allow remote attackers to gain control of the device

Networking equipment vendor Cisco Systems issued an advisory to customers Wednesday about two serious vulnerabilities in its Cisco Clean Access software, a network access control product.

The two issues could allow remote attackers to gain control of the devices, or glean sensitive data from Clean Access customers that could be used to compromise the Clean Access Manager (CAM) product, the company said.

Cisco Clean Access (also known as the Cisco NAC Appliance) is a network access control product that lets companies screen the machines of users attempting to connect to a network over wired, wireless, or remote VPN connections. Before network access is granted, Clean Access compares each system against established security policies and flags known violations, such as software vulnerabilities or inadequate operating system or antivirus patch levels. Machines that are not compliant can be denied access or quarantined.

According to Cisco Security Advisory 72379, a problem with the initial setup of the Cisco Clean Access Manager (CAM) and Clean Access Server (CAS) makes it impossible to properly configure the "shared secret" used to authenticate communications between the two devices. The result is that the shared secret cannot be properly set or changed and is identical on all CAM and CAS devices, Cisco said.

Remote hackers could take advantage of the vulnerability by establishing a TCP connection to the CAS device, Cisco said.
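The security consequence of a shared secret that is identical on every device is that it no longer authenticates anything: anyone who knows the one value, including an attacker who has obtained it from any other installation, can answer the peer's authentication challenge. The following model is an added illustration, not Cisco's protocol or code; the challenge-response scheme, the `FACTORY_DEFAULT_SECRET` value and the function names are assumptions chosen to make the point concrete.

```python
import hashlib
import hmac
import os
import secrets

# Constructed placeholder for a secret fixed at the factory; NOT the real
# Cisco value. The point is only that it is the same on every device.
FACTORY_DEFAULT_SECRET = b"factory-default-shared-secret"

# Minimum length we are willing to accept for a per-deployment secret.
MIN_SECRET_LEN = 16


def make_challenge() -> bytes:
    """Server (here, the CAS role) sends a fresh random nonce to the peer."""
    return os.urandom(16)


def respond(challenge: bytes, secret: bytes) -> bytes:
    """Peer proves knowledge of the secret by MACing the challenge with it."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()


def verify(challenge: bytes, response: bytes, secret: bytes) -> bool:
    """Server recomputes the MAC with its own secret and compares in constant time."""
    return hmac.compare_digest(respond(challenge, secret), response)


def attacker_can_authenticate(server_secret: bytes, attacker_secret: bytes) -> bool:
    """Simulate a remote party that connects and answers the challenge with
    whatever secret it knows. Returns True when the server accepts it."""
    challenge = make_challenge()
    forged_response = respond(challenge, attacker_secret)
    return verify(challenge, forged_response, server_secret)


def secret_is_weak(secret: bytes, known_defaults=(FACTORY_DEFAULT_SECRET,)) -> bool:
    """Audit check: flag a secret that is a known shared default or too short."""
    if len(secret) < MIN_SECRET_LEN:
        return True
    return any(hmac.compare_digest(secret, d) for d in known_defaults)


def generate_deployment_secret() -> bytes:
    """What a correct initial setup should do: a random, per-deployment secret."""
    return secrets.token_bytes(32)


if __name__ == "__main__":
    # With the device-wide default on both ends, a stranger who knows the
    # default is indistinguishable from the legitimate peer.
    print("default secret, attacker accepted:",
          attacker_can_authenticate(FACTORY_DEFAULT_SECRET, FACTORY_DEFAULT_SECRET))
    # With a per-deployment secret the same attacker is rejected.
    deployed = generate_deployment_secret()
    print("per-deployment secret, attacker accepted:",
          attacker_can_authenticate(deployed, FACTORY_DEFAULT_SECRET))
    print("default flagged as weak:", secret_is_weak(FACTORY_DEFAULT_SECRET))
```

Note that the challenge-response itself is sound; the weakness is entirely in key management. Once the secret is the same everywhere and cannot be changed, the protocol degrades to "anyone who can open a TCP connection may authenticate," which is the condition the advisory describes.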

A second vulnerability in the Clean Access Manager allows malicious users to view backups of the CAM database without first authenticating on the CAM device. A flaw in the way database backups are stored makes it possible to guess the backup file name and download it without authenticating, Cisco said.

Backup files contain sensitive information about the Clean Access installation that could be used to compromise the CAM, including CAM user passwords stored in clear text, Cisco said.
