VDB
CVE-2006-5806
CVE-2006-5806
PUBLISHED
CVSS 2.0999999046325684 LOW
SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not cleared after the VPN connection terminates and allows local users to read unencrypted data.
EPSS 0.09% · 25.3th percentile
Risk Scores
CVSS 2.0
2.0999999046325684
EPSS Score
0.09%
25.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| cisco | secure_desktop | 0 |
Exploit Intelligence
- 1017195 (circl)
- cisco-csd-ssl-vpn-information-disclosure(30129) (circl)
- 22747 (circl)
- 30306 (circl)
- 20061108 Multiple Vulnerabilities in Cisco Secure Desktop (circl)
- ADV-2006-4409 (circl)
- 20964 (circl)
Timeline
- Nov 8, 2006 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- May 25, 2023 EPSS Score
References
- 1017195 vdb
- cisco-csd-ssl-vpn-information-disclosure(30129) vdb
- 22747 third-party-advisory
- 30306 vdb
- 20061108 Multiple Vulnerabilities in Cisco Secure Desktop vendor-advisory
- ADV-2006-4409 vdb
- 20964 vdb
- https://nvd.nist.gov/vuln/detail/CVE-2006-5806 advisory