CVE-2006-5807Sensitive Information Exposure in Cisco Secure Desktop

CWE-200Sensitive Information ExposureCWE-2644 documents4 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 70.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Secure Desktop
Timeline
PublishedNov 8
Latest updateMay 1

Description

Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

NVDcisco/secure_desktop3.1.1.33

🔴Vulnerability Details

2
GHSA
GHSA-962p-8vcr-xqw4: Cisco Secure Desktop (CSD) before 32022-05-01
CVEList
CVE-2006-5807: Cisco Secure Desktop (CSD) before 32006-11-08

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco Secure Desktop2006-11-08
CVE-2006-5807 — Sensitive Information Exposure in Cisco | cvebase