Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 00:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/25598 - Third Party Advisory | |
References | () http://securityreason.com/securityalert/2796 - Exploit, Third Party Advisory | |
References | () http://www.cisco.com/en/US/products/products_security_response09186a008085d645.html - Vendor Advisory | |
References | () http://www.osvdb.org/35340 - Broken Link | |
References | () http://www.securityfocus.com/archive/1/471041/100/0/threaded - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/24415 - Patch, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1018217 - Third Party Advisory, VDB Entry | |
References | () http://www.vupen.com/english/advisories/2007/2140 - Third Party Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/34807 - Third Party Advisory, VDB Entry |
Information
Published : 2007-06-12 21:30
Updated : 2024-11-21 00:32
NVD link : CVE-2007-3184
Mitre link : CVE-2007-3184
CVE.ORG link : CVE-2007-3184
JSON object : View
Products Affected
apple
- mac_os_x
cisco
- trust_agent
CWE
CWE-287
Improper Authentication