Vulnerability Details : CVE-2006-5660
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.
Products affected by CVE-2006-5660
- cpe:2.3:a:cisco:security_agent_management_center:5.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-5660
1.54%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 80 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-5660
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2006-5660
-
http://www.osvdb.org/30169
-
http://www.securityfocus.com/bid/20852
Patch
-
http://secunia.com/advisories/22684
About Secunia Research | Flexera
-
http://www.vupen.com/english/advisories/2006/4308
-
http://securitytracker.com/id?1017148
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/29955
Cisco Security Agent Management Center authentication bypass CVE-2006-5660 Vulnerability Report
-
http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml
Cisco Products: Networking, Security, Data Center - CiscoPatch;Vendor Advisory
-
http://www.kb.cert.org/vuls/id/778648
US Government Resource
Jump to