4.6
CVE-2006-5808
- EPSS 0.36%
- Veröffentlicht 08.11.2006 22:07:00
- Zuletzt bearbeitet 16.06.2026 22:31:55
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
The installation of Cisco Secure Desktop (CSD) before 3.1.1.45 uses insecure default permissions (all users full control) for the CSD directory and its parent directory, which allow local users to gain privileges by replacing CSD executables, aka "Local Privilege Escalation".
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Secure Desktop Version <= 3.1.1.33
Cisco ≫ Secure Desktop Version3.1.1.27
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.36% | 0.274 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.6 | 3.9 | 6.4 |
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/22747
http://securitytracker.com/id?1017195
http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml
http://www.securityfocus.com/bid/20964
http://www.vupen.com/english/advisories/2006/4409
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=442
http://www.osvdb.org/30308
https://exchange.xforce.ibmcloud.com/vulnerabilities/30128