7.5

CVE-2006-3226

EPSS 1.41%
Published 26.06.2006 16:05:00
Last modified 03.04.2025 01:03:51
Source cve@mitre.org
Teams watchlist Login
Open Login

Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote attackers to bypass authentication via various methods, aka "ACS Weak Session Management Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 13

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Secure Access Control Server Version4.0 Editionwindows

Cisco ≫ Secure Access Control Server Version4.0.1 Editionwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.41%	0.797

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/20816

http://securityreason.com/securityalert/1157

http://securitytracker.com/id?1016369

http://www.cisco.com/en/US/products/sw/secursw/ps2086/tsd_products_security_response09186a00806c68f9.html

Vendor Advisory

http://www.osvdb.org/26825

http://www.securityfocus.com/archive/1/438161/100/0/threaded

http://www.securityfocus.com/archive/1/438258/100/0/threaded

http://www.securityfocus.com/bid/18621

http://www.vupen.com/english/advisories/2006/2524

https://exchange.xforce.ibmcloud.com/vulnerabilities/27328

https://nvd.nist.gov/vuln/detail/CVE-2006-3226

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3226

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3226

EUVD