Cisco Policy Suite Information Leakage Vulnerability (CVE-2018-0134)

Cisco Policy Suite Information Leakage Vulnerability (CVE-2018-0134)
Cisco Policy Suite Information Leakage Vulnerability (CVE-2018-0134)

Release date:
Updated on:

Affected Systems:

Cisco Policy Suite

Description:

Bugtraq id: 102954
CVE (CAN) ID: CVE-2018-0134

Cisco Policy Suite is the Management Policy Suite.

Cisco Policy Suite has a security vulnerability in the RADIUS Authentication Module, which allows unauthenticated remote attackers to determine whether a user name is valid.

<* Source: vendor

Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-cps1
*>

Suggestion:

Vendor patch:

Cisco
-----
Cisco has released a Security Bulletin (cisco-sa-20180207-cps1) and patches for this:
Cisco-sa-20180207-cps1: Cisco Policy Suite RADIUS Authentication Information Disclosure Vulnerability
Link: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180207-cps1

Https://www.bkjia.com/Linux/2018-02/150937.htm