CERTVU:778648Cisco Security Agent Management Center vulnerable to authentication bypass
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.241 Low
EPSS
Percentile
96.6%
Overview
Cisco Security Agent Management Center (CSAMC) may be vulnerable to authentication bypass when configured to use an external Lightweight Directory Access Protocol (LDAP) server for authentication.
Description
Cisco Security Agent Management Center (CSAMC) is a component of the CiscoWorks VPN. This core management software allows definition and distribution of policies, provides software updates, and maintains communications for Cisco Security Agents. Remote authentication to CSAMC can be configured using an external Lightweight Directory Access Protocol (LDAP) server. According to Cisco Security Advisory cisco-sa-20061101-csamc:
If CSAMC is configured to use LDAP for authentication, it is possible to supply a valid administrator username and blank (zero length) password and gain administrative access to the CSAMC application with the role privileges of the administrator.
Cisco states that this issue affects CSAMC 5.1 before 5.1.0.79.
Impact
A remote attacker with knowledge of a valid administrator username may be able to access the CSAMC with the role privileges of the administrator.
Solution
Update
Cisco has released an update to address this issue. See Cisco Security Advisory cisco-sa-20061101-csamc for more details.
Disable LDAP
According to Cisco Security Advisory cisco-sa-20061101-csamc:
It is possible to workaround this vulnerability by disabling external LDAP authentication and configuring administrators to authenticate against the local CSAMC database.
Vendor Information
778648
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Cisco Systems, Inc. __ Affected
Updated: November 08, 2006
Status
Affected
Vendor Statement
We have not received a statement from the vendor.
Vendor Information
The vendor has not provided us with any further information regarding this vulnerability.
Addendum
Refer to Cisco Security Advisory cisco-sa-20061101-csamc.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23778648 Feedback>).
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
- <http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml>
- <http://secunia.com/advisories/22684/>
Acknowledgements
This vulnerability was reported in Cisco Security Advisory cisco-sa-20061101-csamc.
This document was written by Chris Taschner.
Other Information
| CVE IDs: | CVE-2006-5660 |
|---|---|
| Severity Metric: | 18.43 Date Public: |
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.241 Low
EPSS
Percentile
96.6%