Password Modification Vulnerability in Cisco Firewall Appliances
CVE-2006-4312

Currently unrated

Key Information:

Vendor
Cisco
Status
Pix Firewall 501
Pix Firewall 515
Pix Firewall 525
Pix Firewall 520
Vendor
CVE Published:
23 August 2006

Summary

A significant issue in certain Cisco firewall appliances leads to unintentional changes in the EXEC password, local user passwords, and enable password. This flaw occurs under specific conditions and can result in administrators being inadvertently locked out of their devices. It potentially opens the door for attackers, allowing unauthorized access to the affected systems. This vulnerability affects various models within the Cisco PIX 500 and ASA 5500 series when operating on specific software versions, emphasizing the need for prompt updates and vigilance to maintain robust security postures.

References

http://www.vupen.com/english/advisories/2006/3367
vdb-entryx_refsource_VUPEN
http://securitytracker.com/id?1016740
vdb-entryx_refsource_SECTRACK
http://www.cisco.com/warp/public/707/cisco-sa-20060823-fi...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.