Cisco warns of vulnerabilities in NAC product

NAC in a box vulnerable to remote hackers

Networking equipment vendor Cisco Systems Inc. issued an advisory to customers Wednesday about two serious vulnerabilities in its Cisco Clean Access software, a network access control product.

The two issues could allow remote attackers to gain control of the devices, or glean sensitive data from Clean Access customers that could be used to compromise the Clean Access Manager (CAM) product, the company said.

Cisco Clean Access (also known as the Cisco NAC Appliance) is a network access control hardware device that allows companies to screen the machines of users who are attempting to connect to a network over wired, wireless, or remote VPN connections. Clean Access compares systems against established security policies and flags known violations, such as software vulnerabilities or inadequate operating system or antivirus software patch levels, before network access is granted. Machines that aren't compliant can be denied access or quarantined.

According to Cisco Security Advisory 72379, a problem with the initial setup of the Cisco Clean Access Manager (CAM) and Clean Access Server (CAS) products makes it impossible to properly configure the "shared secret" that is used to authenticate communications between the two devices. The result is that the shared secret cannot be properly set or changed and is identical on all CAM and CAS devices, Cisco said.

Remote hackers could take advantage of the vulnerability by establishing a TCP connection to the CAS device, Cisco said.

A second vulnerability in the Clean Access Manager allows malicious users to view backups of the CAM database without first authenticating on the CAM device. A flaw in the way database backups are stored makes it possible to guess the backup file name and download it without authenticating, Cisco said.

Backup files contain sensitive information about the Clean Access installation that could be used to compromise the CAM, including CAM user passwords stored in clear text, Cisco said.
