Vulnerabilities > CVE-2006-5394 - Information Disclosure vulnerability in Cisco Secure Desktop SSL VPN Session

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

cisco

NVD

Published: 2006-10-18

Updated: 2008-09-05

Summary

The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Secure Desktop *	1

References

http://securitytracker.com/id?1017018
http://www.cisco.com/en/US/products/products_security_advisory09186a0080754f34.shtml
http://www.securityfocus.com/bid/20410