CVE-2006-5660
🟡 Monitoruj
Obejście uwierzytelnienia w Cisco Security Agent Management Center pozwala na logowanie bez hasła.
CVSS
7.5
EPSS
1.7%
Exploit
none
Vendor
cisco
Opis źródłowy (NVD)
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.
auth-bypass
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 7.5 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 1.7% |
| Opublikowano (NVD) | 2006-11-03 00:07:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-23 00:35:47 UTC |
Referencje
- http://secunia.com/advisories/22684 (cve@mitre.org)
- http://securitytracker.com/id?1017148 (cve@mitre.org)
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml (cve@mitre.org) [Patch, Vendor Advisory]
- http://www.kb.cert.org/vuls/id/778648 (cve@mitre.org) [US Government Resource]
- http://www.osvdb.org/30169 (cve@mitre.org)
- http://www.securityfocus.com/bid/20852 (cve@mitre.org) [Patch]
- http://www.vupen.com/english/advisories/2006/4308 (cve@mitre.org)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29955 (cve@mitre.org)