CVE-2006-3896

Опубликовано: 19 дек. 2006

Источник: nvd

CVSS2: 4.9

EPSS Низкий

Описание

The NeoScale Systems CryptoStor 700 series appliance before 2.6 relies on client-side ActiveX code for smartcard authentication, which allows remote attackers to bypass smartcard authentication, and gain access if able to present a valid username and password, by disabling ActiveX.

Ссылки

http://secunia.com/advisories/23430
Patch
Vendor Advisory
http://securitytracker.com/id?1017396
http://www.kb.cert.org/vuls/id/339004
Patch
US Government Resource
http://www.securityfocus.com/bid/21652
http://www.vupen.com/english/advisories/2006/5063
http://secunia.com/advisories/23430
Patch
Vendor Advisory
http://securitytracker.com/id?1017396
http://www.kb.cert.org/vuls/id/339004
Patch
US Government Resource
http://www.securityfocus.com/bid/21652
http://www.vupen.com/english/advisories/2006/5063

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:h:neoscale_systems:cryptostor_tape_700:*:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.0042

Низкий

4.9 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-c265-wm96-r7cw

github

почти 4 года назад