exploitDog

CVE-2006-0764

Опубликовано: 18 фев. 2006

Источник: nvd

CVSS2: 5.1

EPSS Низкий

Описание

The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:cisco:anomaly_guard_module:5.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:anomaly_guard_module:5.0\(3\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:guard:5.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:guard:5.0\(3\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:traffic_anomaly_detector_module:5.0\(1\):*:*:*:*:*:*:*

cpe:2.3:h:cisco:traffic_anomaly_detector_module:5.0\(3\):*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00811

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-wv29-49fv-jfg9

github

почти 4 года назад

The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.

EPSS

Процентиль: 74%

0.00811

Низкий

5.1 Medium

CVSS2

Дефекты

NVD-CWE-Other