发布时间 :2005-06-10 00:00:00
修订时间 :2016-10-17 23:23:20

[原文]Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages.

[CNNVD]Cisco switches 绕过安全检查漏洞(CNNVD-200506-100)


- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(UNKNOWN)  BUGTRAQ  20050610 Voice VLAN Access/Abuse Possible on Cisco voice-enabled, 802.1x-secured Interfaces Vulnerability Discovery: FishNet Security
(UNKNOWN)  CISCO  20050608 Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access
(VENDOR_ADVISORY)  XF  cisco-callmanager-voice-gain-access(20939)

- 漏洞信息

Cisco switches 绕过安全检查漏洞
高危 未知
2005-06-10 00:00:00 2005-10-20 00:00:00

- 公告与补丁


- 漏洞信息

Cisco 802.1x Crafted CDP Message Anonymous Voice VLAN Access
Physical Access Required Authentication Management, Input Manipulation, Misconfiguration
Loss of Confidentiality, Loss of Integrity

- 漏洞描述

Cisco VoIP phones with 802.1x authentication contain a flaw that may allow a malicious user to connect anonymously to the voice VLAN. The issue is triggered when a spoofed Cisco Discovery Protocol packet is sent through the Cisco IP phone to a switch which supports both 802.1x authentication and Cisco VoIP phones. It is possible that the flaw may allow 802.1x authentication to the voice VLAN rather than the data VLAN, resulting in a loss of confidentiality, and/or integrity.

- 时间线

2005-06-08 Unknow
Unknow Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s): For switches with newer versions of CatOS software, DHCP snooping, port security, Dynamic ARP Inspection (DAI) and IP Source Guard may help to limit the scope of data link layer attacks. Cisco recommends that the user read their "Cisco Catalyst Integrated Security-Enabling the Self-Defending Network" whitepaper. Certificate-based authentication and encryption of voice signaling and media are available on newer versions of Cisco CallManager. Cisco also recommends that the user read the product data sheet for Cisco CallManager Version 4.1 for further information.

- 相关参考

- 漏洞作者