Cisco · Cisco Anomaly Detection/Mitigation · CVE-2006-0764
**Name of the Vulnerable Software and Affected Versions**
Cisco Anomaly Detection and Mitigation software versions 5.0(1) and 5.0(3)
**Description**
The issue concerns the Authentication, Authorization, and Accounting (AAA) capability. When running with an incomplete TACACS+ configuration without a "tacacs-server host" command, it allows remote attackers to bypass authentication and gain privileges.
**Recommendations**
For version 5.0(1), ensure a complete TACACS+ configuration, including the "tacacs-server host" command, to prevent authentication bypass.
For version 5.0(3), ensure a complete TACACS+ configuration, including the "tacacs-server host" command, to prevent authentication bypass.