Lucene search

[email protected]CVE-2006-5660

HistoryNov 03, 2006 - 12:07 a.m.

CVE-2006-5660

2006-11-0300:07:00

[email protected]

web.nvd.nist.gov

cisco

security agent

csamc

ldap

authentication

bypass

vulnerability

cve-2006-5660

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.241 Low

EPSS

Percentile

96.6%

JSON

Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.

Affected configurations

NVD

Node

ciscosecurity_agent_management_centerMatch5.1

CPENameOperatorVersion
cisco:security_agent_management_centercisco security agent management centereq5.1

CPE	Name	Operator	Version
cisco:security_agent_management_center	cisco security agent management center	eq	5.1

References

secunia.com/advisories/22684

securitytracker.com/id?1017148

www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml

www.kb.cert.org/vuls/id/778648

www.osvdb.org/30169

www.securityfocus.com/bid/20852

www.vupen.com/english/advisories/2006/4308

exchange.xforce.ibmcloud.com/vulnerabilities/29955

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.2 High

AI Score

Confidence

Low

0.241 Low

EPSS

Percentile

96.6%

JSON

Related for CVE-2006-5660

nvd1 cert1 cvelist1 cisco1