7.2
CVE-2006-0561
- EPSS 0.36%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 16.06.2026 22:20:50
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Secure Access Control Server Version3.0 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.0.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.0.3 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.1.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_server
Cisco ≫ Secure Access Control Server Version3.3 Editionwindows_nt
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.277 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
http://securitytracker.com/id?1016042
http://www.cisco.com/warp/public/707/cisco-sr-20060508-acs.shtml
http://www.osvdb.org/25892
http://www.securityfocus.com/archive/1/433286/100/0/threaded
http://www.securityfocus.com/archive/1/433301/100/0/threaded
http://www.securityfocus.com/bid/16743
http://www.symantec.com/enterprise/research/SYMSA-2006-003.txt
http://www.vupen.com/english/advisories/2006/1741
https://exchange.xforce.ibmcloud.com/vulnerabilities/26307