CVE-2006-3226

3 documents, 3 sources
Severity
7.5 HIGH
EPSS
1.9%
top 16.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published: Jun 26
Latest update: May 1

Description

Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote attackers to bypass authentication via various methods, aka "ACS Weak Session Management Vulnerability."

CVSS vector

AV:N/AC:L/C:P/I:P/A:P
Exploitability: 10.0 | Impact: 6.4

Affected Packages: 1 package

🔴Vulnerability Details

2
GHSA
GHSA-2j6q-wwqq-gqm4: Cisco Secure Access Control Server (ACS) 4 (2022-05-01)
CVEList
CVE-2006-3226: Cisco Secure Access Control Server (ACS) 4 (2006-06-26)