← back
CVE-2006-0764

CVE-2006-0764

EPSS 2.0%
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/18904http://securityreason.com/securityalert/435http://securitytracker.com/id?1015637http://securitytracker.com/id?1015638https://exchange.xforce.ibmcloud.com/vulnerabilities/24689http://www.cisco.com/en/US/products/products_security_advisory09186a008060519a.shtmlhttp://www.osvdb.org/23237http://www.securityfocus.com/bid/16661http://www.vupen.com/english/advisories/2006/0612