Information Disclosure Vulnerability in Cisco Secure Services Client and AEGIS SecureConnect Client
CVE-2007-1068

Currently unrated

Key Information:

Vendor: Cisco
Status: Trust Agent; Security Agent; Secure Services Client; Aegis Secureconnect Client
Vendor: CVE Published:; 22 February 2007

Summary

This vulnerability allows local users to access transmitted authentication credentials logged in plaintext by various authentication methods, including TTLS and PEAP protocols, in the affected Cisco products. Potential exploitation could lead to unauthorized information exposure, compromising sensitive user data and authentication details.

References

http://secunia.com/advisories/24258

third-party-advisoryx_refsource_SECUNIA

http://osvdb.org/33046

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2007/0690

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Feb 22, 2007
Vulnerability Reserved
Feb 21, 2007