CVE Database · CVE-2004-1460
CVSS v3.1
N/A
EPSS
1.57%
Published
Dec 31, 2004
Modified
Apr 15, 2026
Public PoC / Exploit (1)
All weaponized →Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.
Description
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier, when configured with an anonymous bind in Novell Directory Services (NDS) and authenticating NDS users with NDS, allows remote attackers to gain unauthorized access to AAA clients via a blank password.
Affected Products (10)
References (6)
