Описание
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-0764
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24689
- http://secunia.com/advisories/18904
- http://securityreason.com/securityalert/435
- http://securitytracker.com/id?1015637
- http://securitytracker.com/id?1015638
- http://www.cisco.com/en/US/products/products_security_advisory09186a008060519a.shtml
- http://www.osvdb.org/23237
- http://www.securityfocus.com/bid/16661
- http://www.vupen.com/english/advisories/2006/0612
EPSS
CVE ID
Связанные уязвимости
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.
EPSS