Vulnerability Description
Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empty password when using an external LDAP server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Security Agent Management Center | 5.1 |
References
- http://secunia.com/advisories/22684
- http://securitytracker.com/id?1017148
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.sPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/778648US Government Resource
- http://www.osvdb.org/30169
- http://www.securityfocus.com/bid/20852Patch
- http://www.vupen.com/english/advisories/2006/4308
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29955
- http://secunia.com/advisories/22684
- http://securitytracker.com/id?1017148
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807726f7.sPatchVendor Advisory
- http://www.kb.cert.org/vuls/id/778648US Government Resource
- http://www.osvdb.org/30169
- http://www.securityfocus.com/bid/20852Patch
- http://www.vupen.com/english/advisories/2006/4308
FAQ
What is CVE-2006-5660?
CVE-2006-5660 is a vulnerability with a CVSS score of 7.5 (HIGH). Cisco Security Agent Management Center (CSAMC) 5.1 before 5.1.0.79 does not properly handle certain LDAP error messages, which allows remote attackers to bypass authentication requirements via an empt...
How severe is CVE-2006-5660?
CVE-2006-5660 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-5660?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Security Agent Management Center.