RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-03-15T05:00:00

Updated: 2024-08-08T04:44:07.335Z

Reserved: 2002-03-15T00:00:00

Link: CVE-2001-1105

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2001-09-12T04:00:00.000

Modified: 2024-11-20T23:36:53.383

Link: CVE-2001-1105

cve-icon Redhat

No data.