CVE-2001-1105

CVE Database · CVE-2001-1105

CVE-2001-1105

· N/AModified

CVSS v3.1

N/A

EPSS

2.63%

Published

Sep 12, 2001

Modified

Apr 15, 2026

Public PoC / Exploit (1)

All weaponized →

TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.

Affected Products (4)

cisco · icdnvulnerable

dell · bsafe_ssl-jvulnerable

References (10)

http://www.ciac.org/ciac/bulletins/l-141.shtml

PatchVendor Advisory

http://www.cisco.com/warp/public/707/SSL-J-pub.html

http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html

http://www.securityfocus.com/bid/3329

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/7112

http://www.ciac.org/ciac/bulletins/l-141.shtml

PatchVendor Advisory

http://www.cisco.com/warp/public/707/SSL-J-pub.html

http://www.rsasecurity.com/products/bsafe/bulletins/BSAFE_SSL-J_3.x.SecurityBulletin.html

KEV Catalog EPSS Scores Vendors All CVEs