Vulnerabilities > CVE-2006-5660 - Authentication Bypass vulnerability in Cisco Security Agent Management Center 5.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server. This vulnerability is addressed in the following product update: Cisco, Security Agent Management Center, 5.1.0.79
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://secunia.com/advisories/22684
- http://securitytracker.com/id?1017148
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.shtml
- http://www.kb.cert.org/vuls/id/778648
- http://www.osvdb.org/30169
- http://www.securityfocus.com/bid/20852
- http://www.vupen.com/english/advisories/2006/4308
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29955