7.2
CVE-2006-0561
- EPSS 0.05%
- Veröffentlicht 10.05.2006 02:14:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Secure Access Control Server Version3.0 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.0.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.0.3 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.1.1 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_nt
Cisco ≫ Secure Access Control Server Version3.2 Editionwindows_server
Cisco ≫ Secure Access Control Server Version3.3 Editionwindows_nt
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.12 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|