CVE-2005-3886

Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software.

CVSS v2.0 7.2 HIGH

7.2^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/15618
http://secunia.com/advisories/17815
http://securitytracker.com/id?1015283
http://securityreason.com/securityalert/224
http://www.vupen.com/english/advisories/2005/2655

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:security_agent:4.5.0:::::::*
	cpe:2.3:a:cisco:security_agent:4.5.1:::::::*

Information

Published : 2005-11-29 12:03

Updated : 2011-03-07 18:27

NVD link : CVE-2005-3886

Mitre link : CVE-2005-3886

JSON object : View

CWE

NVD-CWE-Other

Products Affected

cisco

security_agent

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cisco.com/warp/public/707/cisco-sa-20051129-csa.shtml", "name": "20051129 Cisco Security Agent Vulnerable to Privilege Escalation", "tags": ["Patch", "Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/15618", "name": "15618", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/17815", "name": "17815", "tags": [], "refsource": "SECUNIA"}, {"url": "http://securitytracker.com/id?1015283", "name": "1015283", "tags": [], "refsource": "SECTRACK"}, {"url": "http://securityreason.com/securityalert/224", "name": "224", "tags": [], "refsource": "SREASON"}, {"url": "http://www.vupen.com/english/advisories/2005/2655", "name": "ADV-2005-2655", "tags": [], "refsource": "VUPEN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Cisco Security Agent (CSA) 4.5.0 and 4.5.1 agents, when running on Windows systems, allows local users to bypass protections and gain system privileges by executing certain local software."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2005-3886", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2005-11-29T20:03Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2011-03-08T02:27Z"}

7.2 /10