7.2
CVE-2006-0561
- EPSS 0.05%
- Published 10.05.2006 02:14:00
- Last modified 03.04.2025 01:03:51
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Secure Access Control Server Version3.0 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.0.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.0.3 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.1.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_server
Cisco ≫ Secure Access Control Server Version3.3 Editionwindows_nt
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.12 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|