CVE-2006-5660

Sažetak

Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.

Reference

http://secunia.com/advisories/22684
http://securitytracker.com/id?1017148
http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml
http://www.kb.cert.org/vuls/id/778648
http://www.osvdb.org/30169
http://www.securityfocus.com/bid/20852
http://www.vupen.com/english/advisories/2006/4308
https://exchange.xforce.ibmcloud.com/vulnerabilities/29955

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

20-07-2017 - 01:33

Objavljeno

03-11-2006 - 00:07