{ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-2631", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "16472", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/16472/" }, { "name": "20050817 Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access", "refsource": "CISCO", "url": "http://www.cisco.com/warp/public/707/cisco-sa-20050817-cca.shtml" }, { "name": "14585", "refsource": "BID", "url": "http://www.securityfocus.com/bid/14585" }, { "name": "cisco-cca-security-bypass(21884)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21884" } ] } }