6.2 Medium
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.003 Low
EPSS
Percentile
65.4%
Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.
CPE | Name | Operator | Version |
---|---|---|---|
apple:mac_os_x | apple mac os x | eq | * |
secunia.com/advisories/25598
securityreason.com/securityalert/2796
www.cisco.com/en/US/products/products_security_response09186a008085d645.html
www.osvdb.org/35340
www.securityfocus.com/archive/1/471041/100/0/threaded
www.securityfocus.com/bid/24415
www.securitytracker.com/id?1018217
www.vupen.com/english/advisories/2007/2140
exchange.xforce.ibmcloud.com/vulnerabilities/34807