Vulnslist

find the latest Cisco vulnerabilities

TACACS+ Authentication Bypass in Cisco Anomaly Detection and Mitigation Products

cisco-sa-20060215-guard · NA · Published · Updated

A vulnerability in versions 5.0(1) and 5.0(3) of the software used in Cisco Anomaly Detection and Mitigation appliances and service modules may allow unauthorized users to get unauthorized access to the devices and/or escalate their privileges if Terminal Access Controller Access Control System Plus (TACACS+) is incompletely configured. TACACS+ authentication is disabled by default, and a device correctly configured for TACACS+ authentication is not affected by this vulnerability. Cisco has made free software available to address this vulnerability for affected customers. There are workarounds available to mitigate the effects of the vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20060215-guard.

Cisco advisory ·CSAF JSON

Workarounds

No workaround information imported yet.

CVEsCVE-2006-0764
Cisco Bug IDsNA
CVSS ScoreBase NA
Product Names From Source
NA, Cisco Guard DDoS Mitigation Appliance, Cisco Traffic Anomaly Detector

Related Products

Product CVE Evidence
Cisco RV Series Routers CVE-2006-0764 Cisco OpenVuln
Cisco Nexus Dashboard CVE-2006-0764 Cisco OpenVuln
Cisco Traffic Anomaly Detector CVE-2006-0764 Cisco OpenVuln
Cisco Guard DDoS Mitigation Appliance CVE-2006-0764 Cisco OpenVuln