Lucene search

[email protected]CVE-2006-0485

HistoryFeb 01, 2006 - 2:02 a.m.

CVE-2006-0485

2006-02-0102:02:00

[email protected]

web.nvd.nist.gov

cve-2006-0485

cisco ios

tcl shell

authentication

authorization

accounting

aaa

bug id

csceh73049

nvd

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.6%

JSON

The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.

Affected configurations

NVD

Node

ciscoiosMatch12.0t

ciscoiosMatch12.0xh

ciscoiosMatch12.0xk

ciscoiosMatch12.0xl

ciscoiosMatch12.0xn

ciscoiosMatch12.0xr

ciscoiosMatch12.1

ciscoiosMatch12.1aa

ciscoiosMatch12.1e

ciscoiosMatch12.1ec

ciscoiosMatch12.1ez

ciscoiosMatch12.1ga

ciscoiosMatch12.1gb

ciscoiosMatch12.1t

ciscoiosMatch12.1xa

ciscoiosMatch12.1xe

ciscoiosMatch12.1xh

ciscoiosMatch12.1xi

ciscoiosMatch12.1xj

ciscoiosMatch12.1xl

ciscoiosMatch12.1xm

ciscoiosMatch12.1xp

ciscoiosMatch12.1xq

ciscoiosMatch12.1xs

ciscoiosMatch12.1xt

ciscoiosMatch12.1xu

ciscoiosMatch12.1xv

ciscoiosMatch12.1xw

ciscoiosMatch12.1xy

ciscoiosMatch12.1xz

ciscoiosMatch12.1ya

ciscoiosMatch12.1yb

ciscoiosMatch12.1yd

ciscoiosMatch12.1ye

ciscoiosMatch12.1yf

ciscoiosMatch12.1yh

ciscoiosMatch12.1yi

ciscoiosMatch12.2

ciscoiosMatch12.2b

ciscoiosMatch12.2bw

ciscoiosMatch12.2by

ciscoiosMatch12.2dd

ciscoiosMatch12.2dx

ciscoiosMatch12.2mx

ciscoiosMatch12.2n

ciscoiosMatch12.2s

ciscoiosMatch12.2su

ciscoiosMatch12.2sw

ciscoiosMatch12.2sxb

ciscoiosMatch12.2sxd

ciscoiosMatch12.2sxe

ciscoiosMatch12.2sz

ciscoiosMatch12.2xa

ciscoiosMatch12.2xb

ciscoiosMatch12.2xc

ciscoiosMatch12.2xd

ciscoiosMatch12.2xg

ciscoiosMatch12.2xh

ciscoiosMatch12.2xj

ciscoiosMatch12.2xk

ciscoiosMatch12.2xl

ciscoiosMatch12.2xm

ciscoiosMatch12.2xq

ciscoiosMatch12.2xs

ciscoiosMatch12.2xt

ciscoiosMatch12.2xu

ciscoiosMatch12.2xv

ciscoiosMatch12.2xw

ciscoiosMatch12.2yb

ciscoiosMatch12.2yc

ciscoiosMatch12.2yd

ciscoiosMatch12.2ye

ciscoiosMatch12.2yh

ciscoiosMatch12.2yk

ciscoiosMatch12.2yl

ciscoiosMatch12.2ym

ciscoiosMatch12.2yn

ciscoiosMatch12.2yt

ciscoiosMatch12.2yu

ciscoiosMatch12.2yw

ciscoiosMatch12.2yx

ciscoiosMatch12.2yy

ciscoiosMatch12.2yz

ciscoiosMatch12.2zb

ciscoiosMatch12.2zc

ciscoiosMatch12.2zd

ciscoiosMatch12.2ze

ciscoiosMatch12.2zf

ciscoiosMatch12.2zh

ciscoiosMatch12.2zj

ciscoiosMatch12.2zl

ciscoiosMatch12.2zn

ciscoiosMatch12.2zp

ciscoiosMatch12.3

ciscoiosMatch12.3\(11\)yk2

ciscoiosMatch12.3\(11\)yl

ciscoiosMatch12.3b

ciscoiosMatch12.3t

ciscoiosMatch12.3xa

ciscoiosMatch12.3xb

ciscoiosMatch12.3xd

ciscoiosMatch12.3xe

ciscoiosMatch12.3xf

ciscoiosMatch12.3xg

ciscoiosMatch12.3xh

ciscoiosMatch12.3xi

ciscoiosMatch12.3xj

ciscoiosMatch12.3xk

ciscoiosMatch12.3xm

ciscoiosMatch12.3xq

ciscoiosMatch12.3xr

ciscoiosMatch12.3xw

ciscoiosMatch12.3xy

ciscoiosMatch12.3ya

ciscoiosMatch12.3yb

ciscoiosMatch12.3yf

ciscoiosMatch12.3yg

ciscoiosMatch12.3yh

ciscoiosMatch12.3yi

ciscoiosMatch12.3yj

ciscoiosMatch12.3yk

ciscoiosMatch12.3ym

ciscoiosMatch12.3yq

ciscoiosMatch12.3ys

ciscoiosMatch12.3yt

ciscoiosMatch12.3yu

ciscoiosMatch12.3yx

ciscoiosMatch12.4

ciscoiosMatch12.4mr

ciscoiosMatch12.4t

CPENameOperatorVersion
cisco:ioscisco ioseq12.0t
cisco:ioscisco ioseq12.0xh
cisco:ioscisco ioseq12.0xk
cisco:ioscisco ioseq12.0xl
cisco:ioscisco ioseq12.0xn
cisco:ioscisco ioseq12.0xr
cisco:ioscisco ioseq12.1
cisco:ioscisco ioseq12.1aa
cisco:ioscisco ioseq12.1e
cisco:ioscisco ioseq12.1ec

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	12.0t
cisco:ios	cisco ios	eq	12.0xh
cisco:ios	cisco ios	eq	12.0xk
cisco:ios	cisco ios	eq	12.0xl
cisco:ios	cisco ios	eq	12.0xn
cisco:ios	cisco ios	eq	12.0xr
cisco:ios	cisco ios	eq	12.1
cisco:ios	cisco ios	eq	12.1aa
cisco:ios	cisco ios	eq	12.1e
cisco:ios	cisco ios	eq	12.1ec

Rows per page:

1-10 of 1301

References

secunia.com/advisories/18613

securitytracker.com/id?1015543

www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml

www.osvdb.org/34892

www.securityfocus.com/bid/16383

www.vupen.com/english/advisories/2006/0337

exchange.xforce.ibmcloud.com/vulnerabilities/24308

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5836

4.6 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

25.6%

JSON

Related for CVE-2006-0485

cvelist1 prion1 nvd1 nessus1