Clean Access Manager contains a flaw that may allow a remote denial of service. The issue is caused by the ieee8021x.jsp script failing to require a username and password in order to upload files, and will result in loss of availability for the platform if an attacker chooses to fill the partition with files.
Remote / Network Access
Loss of Availability
Upgrade to version 3.6(1) or higher, as it has been reported to fix this vulnerability. In addition, Cisco has released a patch for some older versions.