Lucene search

[email protected]CVE-2007-3184

HistoryJun 12, 2007 - 9:30 p.m.

CVE-2007-3184

2007-06-1221:30:00

CWE-287

[email protected]

web.nvd.nist.gov

cisco

trust agent

cta

macos x

authentication bypass

system preferences

password modification

acs

nvd

cve-2007-3184

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.4%

JSON

Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.

CPENameOperatorVersion
apple:mac_os_xapple mac os xeq*

CPE	Name	Operator	Version
apple:mac_os_x	apple mac os x	eq	*

References

secunia.com/advisories/25598

securityreason.com/securityalert/2796

www.cisco.com/en/US/products/products_security_response09186a008085d645.html

www.osvdb.org/35340

www.securityfocus.com/archive/1/471041/100/0/threaded

www.securityfocus.com/bid/24415

www.securitytracker.com/id?1018217

www.vupen.com/english/advisories/2007/2140

exchange.xforce.ibmcloud.com/vulnerabilities/34807

6.2 Medium

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.4%

JSON

Related for CVE-2007-3184

prion1 cisco1