CVE-2006-5660

{"id": "CVE-2006-5660", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}]}, "published": "2006-11-03T00:07:00.000", "references": [{"url": "http://secunia.com/advisories/22684", "source": "cve@mitre.org"}, {"url": "http://securitytracker.com/id?1017148", "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/778648", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/30169", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/20852", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.vupen.com/english/advisories/2006/4308", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29955", "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/22684", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://securitytracker.com/id?1017148", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.kb.cert.org/vuls/id/778648", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/30169", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/20852", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2006/4308", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29955", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server."}, {"lang": "es", "value": "Cisco Security Agent Management Center (CSAMC) 5.1 versiones anteriores a 5.1.0.79 no gestiona apropiadamente errores concretos LDAP, que permite a atacantes remotos evitar requerimientos de autenticaci\u00f3n mediante una clave vac\u00eda al utilizar un servidor LDAP externo."}], "lastModified": "2024-11-21T00:20:06.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:security_agent_management_center:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "916862A1-0475-4684-9C1D-DA62F6F44B2E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org", "evaluatorSolution": "This vulnerability is addressed in the following product update:\r\nCisco, Security Agent Management Center, 5.1.0.79"}