VDB
CVE-2006-0764
CVE-2006-0764
PUBLISHED
CVSS 5.099999904632568 MEDIUM
The Authentication, Authorization, and Accounting (AAA) capability in versions 5.0(1) and 5.0(3) of the software used by multiple Cisco Anomaly Detection and Mitigation products, when running with an incomplete TACACS+ configuration without a "tacacs-server host" command, allows remote attackers to bypass authentication and gain privileges, aka Bug ID CSCsd21455.
EPSS 0.81% · 74.6th percentile
Risk Scores
CVSS 2.0
5.099999904632568
EPSS Score
0.81%
74.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | traffic_anomaly_detector_module | 5.0\(1\), * |
| cisco | guard | *, 5.0\(1\) |
| n/a | n/a | n/a |
| cisco | anomaly_guard_module | 5.0\(3\), * |
Exploit Intelligence
- 18904 (circl)
- 16661 (circl)
- 1015638 (circl)
- 20060215 TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products (circl)
- cisco-tacacs-auth-bypass(24689) (circl)
- 435 (circl)
- ADV-2006-0612 (circl)
- 1015637 (circl)
- 23237 (circl)
Timeline
- Feb 15, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 8, 2023 EPSS Score
- Apr 15, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 18904 third-party-advisory
- 16661 vdb
- 1015638 vdb
- 20060215 TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products vendor-advisory
- cisco-tacacs-auth-bypass(24689) vdb
- 435 third-party-advisory
- ADV-2006-0612 vdb
- 1015637 vdb
- 23237 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2006-0764 advisory