Preview Tool

Cisco Bug: CSCuq30715 - Inactive accounting under isakmp profile causes cashUserID leakage

Last Modified

Nov 27, 2020

Products (17)

  • Cisco 2600 Series Multiservice Platforms
  • Cisco 7301 Router
  • Cisco 7206 Router
  • Cisco ME 3600X-24TS-M Switch
  • Cisco 7206VXR Router
  • Cisco 7204 Router
  • Cisco 7202 Router
  • Cisco ME 3600X-24CX-M Switch
  • Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks
  • Cisco 7600 Series Route Switch Processor 720 with Multilayer Switch Feature Card
View all products in Bug Search Tool Login Required

Known Affected Releases

15.2(4)S1 15.2(4)S4.9

Description (partial)

aaa-session-mib "cashUserID" can be collected  even if a corresponding accounting configuration is inactive (meaning record-type as none). Moreover, cashUserID never disappears even after actual vpn sessions are all terminated.

This problem is observed if the step below is followed -

- Configure accounting setting under isakmp profile.
- The accounting record-type is set as none.
- Form remote access vpn session using the profile.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.