Cisco Network Admission Control (NAC) Agent on Mac OS X SSL Certificate Verification Vulnerability

CVE-2013-1124 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

The Cisco Network Admission Control (NAC) agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine (ISE) server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309.

Learn more about our Cis Benchmark Audit For Cisco.