Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.
References
Link | Resource |
---|---|
http://secunia.com/advisories/25598 | Third Party Advisory |
http://securityreason.com/securityalert/2796 | Exploit Third Party Advisory |
http://www.cisco.com/en/US/products/products_security_response09186a008085d645.html | Vendor Advisory |
http://www.osvdb.org/35340 | Broken Link |
http://www.securityfocus.com/archive/1/471041/100/0/threaded | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/24415 | Patch Third Party Advisory VDB Entry |
http://www.securitytracker.com/id?1018217 | Third Party Advisory VDB Entry |
http://www.vupen.com/english/advisories/2007/2140 | Third Party Advisory |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34807 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2007-06-12 21:30
Updated : 2024-02-28 11:01
NVD link : CVE-2007-3184
Mitre link : CVE-2007-3184
CVE.ORG link : CVE-2007-3184
JSON object : View
Products Affected
cisco
- trust_agent
apple
- mac_os_x
CWE
CWE-287
Improper Authentication