7.2
CVE-2007-3184
- EPSS 0.63%
- Veröffentlicht 12.06.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:41:13
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.63% | 0.453 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
CWE-287 Improper Authentication
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
http://secunia.com/advisories/25598
http://securityreason.com/securityalert/2796
http://www.cisco.com/en/US/products/products_security_response09186a008085d645.html
http://www.osvdb.org/35340
http://www.securityfocus.com/archive/1/471041/100/0/threaded
http://www.securityfocus.com/bid/24415
http://www.securitytracker.com/id?1018217
http://www.vupen.com/english/advisories/2007/2140
https://exchange.xforce.ibmcloud.com/vulnerabilities/34807