CVE-2006-4983

Published: Sep 26, 2006Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Cisco NAC allows quarantined devices to communicate over the network with (1) DNS, (2) DHCP, and (3) EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols.

Affected (1)

Products: Cisco: Network Access Control

Cisco

1 product

Network Access Control

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Network Access Control	All versions

References (6)

http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf

Source: cve@mitre.org

http://www.osvdb.org/30977

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/446421/100/0/threaded

Source: cve@mitre.org

http://www.insightix.com/files/pdf/Bypassing_NAC_Solutions_Whitepaper.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/30977

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/446421/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.