LDAP Authentication Bypass in Cisco Security Agent Management Center
CVE-2006-5660

Currently unrated

Key Information:

Vendor: Cisco
Status: Security Agent Management Center
Vendor: CVE Published:; 3 November 2006

Summary

The Cisco Security Agent Management Center (CSAMC) version 5.1 prior to 5.1.0.79 is susceptible to an authentication bypass vulnerability. This flaw occurs due to improper handling of certain LDAP error messages, allowing remote attackers to exploit the system and authenticate without a password when utilizing an external LDAP server. This vulnerability may lead to unauthorized access and potential manipulation of sensitive data, making it crucial for organizations using this software to apply the necessary updates and security measures.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/29955

vdb-entryx_refsource_XF

http://secunia.com/advisories/22684

third-party-advisoryx_refsource_SECUNIA

http://www.cisco.com/en/US/products/products_security_adv...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Nov 3, 2006
Vulnerability Reserved
Nov 2, 2006