CVE-2006-3595

EPSS 1.99%
Veröffentlicht 18.07.2006 15:37:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The default configuration of IOS HTTP server in Cisco Router Web Setup (CRWS) before 3.3.0 build 31 does not require credentials, which allows remote attackers to access the server with arbitrary privilege levels, aka bug CSCsa78190.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 12

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Router Web Setup Version3.3.0_build_30

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.99%	0.829

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/21028

Vendor Advisory

http://securitytracker.com/id?1016476

http://www.cisco.com/warp/public/707/cisco-sa-20060712-crws.shtml

Patch

http://www.kb.cert.org/vuls/id/205225

US Government Resource

http://www.osvdb.org/27159

http://www.securityfocus.com/bid/18953

http://www.vupen.com/english/advisories/2006/2773

https://exchange.xforce.ibmcloud.com/vulnerabilities/27688

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5826

https://nvd.nist.gov/vuln/detail/CVE-2006-3595

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-3595

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-3595

EUVD