CVE-2001-1105

Published: Sep 12, 2001Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.

Affected (4)

Products: Cisco: Icdn · Dell: Bsafe Ssl J

1 product

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Cisco Icdn	Version 2.0
Dell Bsafe Ssl J	Version 3.0.1
Dell Bsafe Ssl J	Version 3.0
Dell Bsafe Ssl J	Version 3.1

References (10)

http://www.ciac.org/ciac/bulletins/l-141.shtml

Source: cve@mitre.org

PatchVendor Advisory

http://www.cisco.com/warp/public/707/SSL-J-pub.html

Source: cve@mitre.org

http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html

Source: cve@mitre.org

http://www.securityfocus.com/bid/3329

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7112

Source: cve@mitre.org

http://www.ciac.org/ciac/bulletins/l-141.shtml

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.cisco.com/warp/public/707/SSL-J-pub.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/3329

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7112

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.