RADIUS Authentication Bypass - Cisco Systems

This script is (C) 2011-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Remote Authentication Dial In User Service (RADIUS) authentication can
be bypassed on a device that is running certain versions of Cisco
Internetworking Operating System (IOS) and is configured with none as
the fallback method.
Systems that are configured for other authentication methods or that
are not configured with a fallback method to none are not affected.
Only the systems that are running certain versions of Cisco IOS are
affected. Not all configurations using RADIUS and none are vulnerable
to this issue. Some configurations using RADIUS, none and an additional
method are not affected.
Cisco has made free software available to address this vulnerability.
There are workarounds available to mitigate the effects of the
The vulnerabilities are documented as the following Cisco Bug IDs:

See also :


Solution :

Apply the described patch (see plugin output).
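
To find configurations that match the condition in the Description (a method list that uses RADIUS with none as a fallback), saved IOS configurations can be audited offline. The following is an added example, not part of the Nessus plugin or of Cisco's advisory; the sample configuration is constructed and the CANDIDATE/REVIEW labels are hypothetical. It does not check the IOS version, which also determines whether a device is affected.

```python
import re

# Constructed sample configuration, not taken from a real device.
SAMPLE_CONFIG = """\
aaa new-model
aaa authentication login default group radius none
aaa authentication login CONSOLE group radius local none
aaa authentication login VTY group radius local
aaa authentication ppp default group tacacs+ none
aaa authentication enable default group radius enable
"""

# aaa authentication <service> <list-name> <method> [<method> ...]
AAA_LINE = re.compile(r"^\s*aaa authentication (\S+) (\S+) (.+?)\s*$")


def parse_methods(text):
    """Split a method list, keeping 'group <name>' as a single method."""
    tokens, methods, i = text.split(), [], 0
    while i < len(tokens):
        if tokens[i] == "group" and i + 1 < len(tokens):
            methods.append("group " + tokens[i + 1])
            i += 2
        else:
            methods.append(tokens[i])
            i += 1
    return methods


def audit(config):
    """Return (status, service, list_name, methods) for RADIUS-then-none lists.

    Limitation: named server groups ('group MYGROUP') that contain RADIUS
    servers are not resolved and are therefore not flagged.
    """
    findings = []
    for line in config.splitlines():
        m = AAA_LINE.match(line)
        if not m:
            continue
        service, list_name, methods = m.group(1), m.group(2), parse_methods(m.group(3))
        if "group radius" not in methods or "none" not in methods:
            continue  # outside the condition the advisory describes
        if methods.index("none") < methods.index("group radius"):
            continue  # none is not acting as a fallback for RADIUS
        # The advisory says some lists with an additional method are not
        # affected, so those are marked for manual review, not cleared.
        extra = [x for x in methods if x not in ("group radius", "none")]
        findings.append(("REVIEW" if extra else "CANDIDATE", service, list_name, methods))
    return findings
```

Each CANDIDATE or REVIEW line still has to be compared against the affected IOS versions listed in the vendor advisory before it is treated as a finding.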

Risk factor :


Family: CISCO

Nessus Plugin ID: 55424

Bugtraq ID:

