Improper input validation in Cisco Context_directory_agent
CVE-2014-0654
Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383.
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.008 (73.9th percentile) — read the EPSS interpretation.
Affected products
- Cisco Context_directory_agent
- N/a — versions n/a
Weakness classification (CWE)
References
- 1029574 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
- psirt@cisco.com (x_refsource_CONFIRM, Vendor Advisory)
- 64709 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
- 56365 (x_refsource_SECUNIA, third-party-advisory)
- 20140107 Cisco Context Directory Agent Replayed RADIUS Accounting Message Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 101802 (x_refsource_OSVDB, vdb-entry)
- cisco-cda-cve20140654-sec-bypass(90168) (vdb-entry, x_refsource_XF)