CVE-2007-1800

high Cisco
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
0.9%
Exploitation probability in 30 days
Top 25% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: April 2, 2007 (6981 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

Cisco Secure ACS does not require authentication when Cisco Trust Agent (CTA) transmits posture information, which might allow remote attackers to gain network access via a spoofed Network Endpoint Assessment posture, aka "NACATTACK." NOTE: this attack might be limited to authenticated users and devices.

CWE

NVD-CWE-Other

Affected Products

cisco trust agent

References

🔗 osvdb.org 🔗 www.blackhat.com 🔗 www.cisco.com 🔗 exchange.xforce.ibmcloud.com 🔗 osvdb.org