llhansen has reported a security issue in CCA (Cisco Clean Access), which can be exploited by malicious people to bypass certain security restrictions.
The security issue is caused due to the CCA Server relying on the "User-Agent" string sent by the user's browser to determine whether to install the CCA Agent. This can be bypassed by sending a fake "User-Agent" string.
Successful exploitation allows a Windows system to bypass host-based checks.
The security issue has been reported in versions 18.104.22.168 and 3.5.4.
Solution: See the vendor's advisory for recommended solutions.
Provided and/or discovered by: llhansen
Original Advisory: Cisco:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org