6.8

CVE-2007-1064

EPSS 0.07%
Published 22.02.2007 01:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120.

Affected products Warnungen 0 Metrics 2 CWE 0 References 11

Data is provided by the National Vulnerability Database (NVD)

Cisco ≫ Secure Services Client Version4.0

Cisco ≫ Secure Services Client Version4.0.5

Cisco ≫ Secure Services Client Version4.0.51

Cisco ≫ Security Agent Version5.0

Cisco ≫ Security Agent Version5.1

Cisco ≫ Trust Agent Version1.0

Cisco ≫ Trust Agent Version2.0

Cisco ≫ Trust Agent Version2.0.1

Cisco ≫ Trust Agent Version2.1

Meetinghouse ≫ Aegis Secureconnect Client Versionwindows_platform

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.07%	0.185

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.8	3.1	10	AV:L/AC:L/Au:S/C:C/I:C/A:C

http://osvdb.org/33049

http://secunia.com/advisories/24258

http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml

Patch

Vendor Advisory

http://www.securityfocus.com/bid/22648

http://www.securitytracker.com/id?1017683

http://www.securitytracker.com/id?1017684

http://www.vupen.com/english/advisories/2007/0690

https://exchange.xforce.ibmcloud.com/vulnerabilities/32621

https://nvd.nist.gov/vuln/detail/CVE-2007-1064

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-1064

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-1064

EUVD