PT-2006-6367 · Cisco · Cisco Security Agent Management Center

Published

2006-11-03

Updated

2017-07-20

CVE-2006-5660

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Cisco Security Agent Management Center (CSAMC) versions 5.1 through 5.1.0.78

Description: The issue arises from improper handling of certain LDAP error messages, allowing remote attackers to bypass authentication requirements by using an empty password when connected to an external LDAP server.

Recommendations: For versions 5.1 through 5.1.0.78, update to version 5.1.0.79 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5660

Affected Products

Cisco Security Agent Management Center

PT-2006-6367 · Cisco · Cisco Security Agent Management Center

CVE-2006-5660

Related Identifiers

Affected Products

References · 9