How to Buy
This script is (C) 2011-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Remote Authentication Dial In User Service (RADIUS) authentication on a
device that is running certain versions of Cisco Internetworking
Operating System (IOS) and configured with a fallback method to none
can be bypassed.
Systems that are configured for other authentication methods or that
are not configured with a fallback method to none are not affected.
Only the systems that are running certain versions of Cisco IOS are
affected. Not all configurations using RADIUS and none are vulnerable
to this issue. Some configurations using RADIUS, none and an additional
method are not affected.
Cisco has made free software available to address this vulnerability.
There are workarounds available to mitigate the effects of the
The vulnerabilities are documented as the following Cisco Bug IDs:
See also :
Apply the described patch (see plugin output).
Risk factor :
Nessus Plugin ID: 55424 ()
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.