5

CVE-2006-4430

EPSS 2.36%
Veröffentlicht 29.08.2006 00:04:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack.  NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Network Admission Control Version <= 3.6.4.1

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.1

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.2

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.3

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.4

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.5

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.6

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.7

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.8

Cisco ≫ Network Admission Control Manager And Server System Software Version3.3.9

Cisco ≫ Network Admission Control Manager And Server System Software Version3.4

Cisco ≫ Network Admission Control Manager And Server System Software Version3.4.1

Cisco ≫ Network Admission Control Manager And Server System Software Version3.4.2

Cisco ≫ Network Admission Control Manager And Server System Software Version3.4.3

Cisco ≫ Network Admission Control Manager And Server System Software Version3.4.4

Cisco ≫ Network Admission Control Manager And Server System Software Version3.4.5

Cisco ≫ Network Admission Control Manager And Server System Software Version3.5

Cisco ≫ Network Admission Control Manager And Server System Software Version3.5.1

Cisco ≫ Network Admission Control Manager And Server System Software Version3.5.2

Cisco ≫ Network Admission Control Manager And Server System Software Version3.5.3

Cisco ≫ Network Admission Control Manager And Server System Software Version3.5.4

Cisco ≫ Network Admission Control Manager And Server System Software Version3.5.5

Cisco ≫ Network Admission Control Manager And Server System Software Version3.6.0.1

Cisco ≫ Network Admission Control Manager And Server System Software Version3.6.4.0.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.36%	0.844

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://archive.cert.uni-stuttgart.de/archive/bugtraq/2005/08/msg00200.html

http://www.cisco.com/en/US/products/ps6128/products_security_notice09186a00804fa82b.html

http://www.cisco.com/en/US/products/ps6128/tsd_products_security_response09186a008071d609.html

http://www.securityfocus.com/archive/1/408603/30/0/threaded

http://www.securityfocus.com/archive/1/444424/100/0/threaded

http://www.securityfocus.com/archive/1/444501/100/0/threaded

http://www.securityfocus.com/archive/1/444737/100/0/threaded

http://www.securityfocus.com/bid/19726

https://nvd.nist.gov/vuln/detail/CVE-2006-4430

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-4430

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-4430

EUVD