Lucene search

[email protected]CVE-2006-0764

HistoryFeb 18, 2006 - 2:02 a.m.

CVE-2006-0764

2006-02-1802:02:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cisco

anomaly detection

mitigation

aaa

authentication bypass

cve-2006-0764

nvd

7.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.5%

JSON

The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a “tacacs-server host” command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.

CPENameOperatorVersion
cisco:traffic_anomaly_detector_modulecisco traffic anomaly detector moduleeq5.0\(3\)
cisco:traffic_anomaly_detector_modulecisco traffic anomaly detector moduleeq5.0\(1\)
cisco:guardcisco guardeq5.0\(3\)
cisco:anomaly_guard_modulecisco anomaly guard moduleeq5.0\(1\)
cisco:anomaly_guard_modulecisco anomaly guard moduleeq5.0\(3\)
cisco:guardcisco guardeq5.0\(1\)

CPE	Name	Operator	Version
cisco:traffic_anomaly_detector_module	cisco traffic anomaly detector module	eq	5.0\(3\)
cisco:traffic_anomaly_detector_module	cisco traffic anomaly detector module	eq	5.0\(1\)
cisco:guard	cisco guard	eq	5.0\(3\)
cisco:anomaly_guard_module	cisco anomaly guard module	eq	5.0\(1\)
cisco:anomaly_guard_module	cisco anomaly guard module	eq	5.0\(3\)
cisco:guard	cisco guard	eq	5.0\(1\)

References

secunia.com/advisories/18904

securityreason.com/securityalert/435

securitytracker.com/id?1015637

securitytracker.com/id?1015638

www.cisco.com/en/US/products/products_security_advisory09186a008060519a.shtml

www.osvdb.org/23237

www.securityfocus.com/bid/16661

www.vupen.com/english/advisories/2006/0612

exchange.xforce.ibmcloud.com/vulnerabilities/24689

7.4 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.5%

JSON

Related for CVE-2006-0764

prion1 cisco1