CVE-2005-4499

The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS.

Published: 2005-12-22 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2005-4499 is rated Moderate Risk (57.3/100): CVSS High severity, with medium exploitation likelihood (EPSS 1.97%). Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2005-4499

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 1.90% 1.97% +0.07%
2 2025-03-30 1.66% 1.90% +0.24%
3 2025-03-29 1.66%

Full EPSS history (8 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2005-4499

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
 10.0 6.4 [email protected]

Weakness enumeration for CVE-2005-4499

OS Trackers for CVE-2005-4499

vendor priority summary link
alpine CVE-2005-4499: no source package rows; 0 state rows across 0 repos (none); fixed 0, open 0. https://security.alpinelinux.org/vuln/CVE-2005-4499

Affected software / configurations for CVE-2005-4499

Vendor Product Version Raw CPE
cisco vpn_3001_concentrator cpe:2.3:h:cisco:vpn_3001_concentrator:*:*:*:*:*:*:*:*
cisco vpn_3015_concentrator cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*
cisco vpn_3020_concentrator cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*
cisco vpn_3030_concentator cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*
cisco vpn_3060_concentrator cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*
cisco vpn_3080_concentrator cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*
cisco adaptive_security_appliance_software 7.0 cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*
cisco adaptive_security_appliance_software 7.0\(4\) cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\(4\):*:*:*:*:*:*:*
cisco adaptive_security_appliance_software 7.0.1.4 cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*
cisco adaptive_security_appliance_software 7.0.4.3 cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 2.0 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.0:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 2.5.2.a cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.a:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 2.5.2.b cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.b:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 2.5.2.c cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.c:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 2.5.2.d cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.d:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 2.5.2.f cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:2.5.2.f:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.0 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.0.3.a cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.a:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.0.3.b cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.3.b:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.0.4 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.0.4:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.1 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.1\(rel\) cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1\(rel\):*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.1.1 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.1:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.1.2 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.2:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.1.4 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.1.4:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.5\(rel\) cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5\(rel\):*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.5.1 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.1:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.5.2 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.2:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.5.3 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.3:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.5.4 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.4:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.5.5 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.5.5:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.1 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.1:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.3 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.3:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.5 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.5:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7.a cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.a:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7.b cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.b:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7.c cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.c:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7.d cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.d:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7.f cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7.f:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 3.6.7d cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:3.6.7d:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.0 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.0.1 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.1:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.0.2 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.2:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.0.5.b cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.0.5.b:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.1.5.b cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.5.b:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.1.7.a cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.a:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.1.7.b cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.1.7.b:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.7.1 cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1:*:*:*:*:*:*:*
cisco vpn_3000_concentrator_series_software 4.7.1.f cpe:2.3:o:cisco:vpn_3000_concentrator_series_software:4.7.1.f:*:*:*:*:*:*:*
cisco vpn_3005_concentrator_software 4.0.1 cpe:2.3:o:cisco:vpn_3005_concentrator_software:4.0.1:*:*:*:*:*:*:*
cisco vpn_3030_concentator 4.7.1 cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1:*:*:*:*:*:*:*
cisco vpn_3030_concentator 4.7.1.f cpe:2.3:o:cisco:vpn_3030_concentator:4.7.1.f:*:*:*:*:*:*:*
cisco pix_asa_ids cpe:2.3:a:cisco:pix_asa_ids:*:*:*:*:*:*:*:*
cisco pix_firewall 6.2.2_.111 cpe:2.3:a:cisco:pix_firewall:6.2.2_.111:*:*:*:*:*:*:*
cisco pix_firewall 6.2.3_\(110\) cpe:2.3:a:cisco:pix_firewall:6.2.3_\(110\):*:*:*:*:*:*:*
cisco pix_firewall 6.3.3_\(133\) cpe:2.3:a:cisco:pix_firewall:6.3.3_\(133\):*:*:*:*:*:*:*
cisco secure_access_control_server cpe:2.3:a:cisco:secure_access_control_server:*:*:*:*:*:*:*:*
cisco secure_access_control_server 2.0 cpe:2.3:a:cisco:secure_access_control_server:2.0:*:unix:*:*:*:*:*
cisco secure_access_control_server 2.1 cpe:2.3:a:cisco:secure_access_control_server:2.1:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.3 cpe:2.3:a:cisco:secure_access_control_server:2.3:*:unix:*:*:*:*:*
cisco secure_access_control_server 2.3 cpe:2.3:a:cisco:secure_access_control_server:2.3:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.3.5.1 cpe:2.3:a:cisco:secure_access_control_server:2.3.5.1:*:unix:*:*:*:*:*
cisco secure_access_control_server 2.3.6.1 cpe:2.3:a:cisco:secure_access_control_server:2.3.6.1:*:unix:*:*:*:*:*
cisco secure_access_control_server 2.4 cpe:2.3:a:cisco:secure_access_control_server:2.4:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.5 cpe:2.3:a:cisco:secure_access_control_server:2.5:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.6 cpe:2.3:a:cisco:secure_access_control_server:2.6:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.6.2 cpe:2.3:a:cisco:secure_access_control_server:2.6.2:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.6.3 cpe:2.3:a:cisco:secure_access_control_server:2.6.3:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.6.4 cpe:2.3:a:cisco:secure_access_control_server:2.6.4:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 2.42 cpe:2.3:a:cisco:secure_access_control_server:2.42:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 3.0 cpe:2.3:a:cisco:secure_access_control_server:3.0:*:*:*:*:*:*:*
cisco secure_access_control_server 3.0 cpe:2.3:a:cisco:secure_access_control_server:3.0:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 3.0.1 cpe:2.3:a:cisco:secure_access_control_server:3.0.1:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 3.0.3 cpe:2.3:a:cisco:secure_access_control_server:3.0.3:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 3.1 cpe:2.3:a:cisco:secure_access_control_server:3.1:*:*:*:*:*:*:*
cisco secure_access_control_server 3.1.1 cpe:2.3:a:cisco:secure_access_control_server:3.1.1:*:windows_nt:*:*:*:*:*
cisco secure_access_control_server 3.2 cpe:2.3:a:cisco:secure_access_control_server:3.2:*:*:*:*:*:*:*
cisco secure_access_control_server 3.2 cpe:2.3:a:cisco:secure_access_control_server:3.2:*:windows_server:*:*:*:*:*

References for CVE-2005-4499

cvelogic Threat Intelligence