CVE-2001-1105

high Cisco
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
0.0%
Exploitation probability in 30 days
Top 89% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: September 12, 2001 (9010 days ago)
Last Modified: April 16, 2026
Vendor: Cisco
Source: NVD

Description

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.

CWE

NVD-CWE-Other

Affected Products

cisco icdndell bsafe ssl-j

References

🔗 www.ciac.org 🔗 www.cisco.com 🔗 www.rsasecurity.com 🔗 www.securityfocus.com 🔗 exchange.xforce.ibmcloud.com