CVE-2005-3886

Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/17815
http://securityreason.com/securityalert/224
http://securitytracker.com/id?1015283
http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/15618
http://www.vupen.com/english/advisories/2005/2655
http://secunia.com/advisories/17815
http://securityreason.com/securityalert/224
http://securitytracker.com/id?1015283
http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/15618
http://www.vupen.com/english/advisories/2005/2655

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:security_agent:4.5.0:::::::*
	cpe:2.3:a:cisco:security_agent:4.5.1:::::::*

History

21 Nov 2024, 00:02

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/17815 -~~	() http://secunia.com/advisories/17815 -
References	~~() http://securityreason.com/securityalert/224 -~~	() http://securityreason.com/securityalert/224 -
References	~~() http://securitytracker.com/id?1015283 -~~	() http://securitytracker.com/id?1015283 -
References	~~() http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml - Patch, Vendor Advisory~~	() http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/15618 -~~	() http://www.securityfocus.com/bid/15618 -
References	~~() http://www.vupen.com/english/advisories/2005/2655 -~~	() http://www.vupen.com/english/advisories/2005/2655 -

Information

Published : 2005-11-29 20:03

Updated : 2024-11-21 00:02

NVD link : CVE-2005-3886

Mitre link : CVE-2005-3886

CVE.ORG link : CVE-2005-3886

JSON object : View

Products Affected

cisco

security_agent

CWE

NVD-CWE-Other

{"id": "CVE-2005-3886", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2005-11-29T20:03:00.000", "references": [{"url": "http://secunia.com/advisories/17815", "source": "cve@mitre.org"}, {"url": "http://securityreason.com/securityalert/224", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1015283", "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/15618", "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2005/2655", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/17815", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securityreason.com/securityalert/224", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1015283", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/15618", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2005/2655", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software."}], "lastModified": "2024-11-21T00:02:57.240", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:security_agent:4.5.0:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "77805E6E-F638-4EAA-A814-AA0D711190DC"}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84A1657D-BBC9-4CF5-8F5A-486FAC8B9489"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}