CVE-2006-4312

Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:S/C:C/I:C/A:C

Exploitability : 3.1 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml	Vendor Advisory
http://www.securityfocus.com/bid/19681
http://securitytracker.com/id?1016738
http://securitytracker.com/id?1016739
http://securitytracker.com/id?1016740
http://secunia.com/advisories/21616
http://www.osvdb.org/28143
http://www.vupen.com/english/advisories/2006/3367
https://exchange.xforce.ibmcloud.com/vulnerabilities/28540

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:pix_firewall_525::::::::
	cpe:2.3:h:cisco:pix_firewall_535::::::::
	cpe:2.3:h:cisco:pix_firewall_506::::::::
	cpe:2.3:h:cisco:pix_firewall_515::::::::
	cpe:2.3:o:cisco:pix_firewall_software:6.3:::::::*
	cpe:2.3:h:cisco:pix_firewall_501::::::::
	cpe:2.3:h:cisco:pix_firewall_515e::::::::
	cpe:2.3:h:cisco:pix_firewall_520::::::::

Configuration 2 (hide)

cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

Information

Published : 2006-08-23 15:04

Updated : 2018-10-30 09:25

NVD link : CVE-2006-4312

Mitre link : CVE-2006-4312

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

cisco

pix_firewall_software
pix_firewall_515e
pix_firewall_501
adaptive_security_appliance
pix_firewall_515
pix_firewall_525
pix_firewall_535
pix_firewall_506
pix_firewall_520

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml", "name": "20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/19681", "name": "19681", "tags": [], "refsource": "BID"}, {"url": "http://securitytracker.com/id?1016738", "name": "1016738", "tags": [], "refsource": "SECTRACK"}, {"url": "http://securitytracker.com/id?1016739", "name": "1016739", "tags": [], "refsource": "SECTRACK"}, {"url": "http://securitytracker.com/id?1016740", "name": "1016740", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/21616", "name": "21616", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.osvdb.org/28143", "name": "28143", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.vupen.com/english/advisories/2006/3367", "name": "ADV-2006-3367", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540", "name": "cisco-pix-password-modification(28540)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a \"non-random value\" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-4312", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "MEDIUM", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2006-08-23T22:04Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-30T16:25Z"}