Vulnerability CVE-2006-4312 - CERT Civis.Net

Vulnerability Name:

CVE-2006-4312 (CCN-28540)

Assigned:

2006-08-23

Published:

2006-08-23

Updated:

2018-10-30

Summary:

Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.

CVSS v3 Severity:

4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
5.0 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

2.6 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Other

References:

Source: MITRE
Type: CNA
CVE-2006-4312

Source: CCN
Type: SA21616
Cisco Firewall Products Unintentional Password Modification

Source: SECUNIA
Type: UNKNOWN
21616

Source: CCN
Type: SECTRACK ID: 1016738
Cisco Firewall Services Module May Change Certain Passwords

Source: SECTRACK
Type: UNKNOWN
1016738

Source: CCN
Type: SECTRACK ID: 1016739
Cisco ASA May Change Certain Passwords

Source: SECTRACK
Type: UNKNOWN
1016739

Source: CCN
Type: SECTRACK ID: 1016740
Cisco PIX Firewall May Change Certain Passwords

Source: SECTRACK
Type: UNKNOWN
1016740

Source: CCN
Type: cisco-sa-20060823-firewall
Cisco Security Advisory: Unintentional Password Modification Vulnerability in Cisco Firewall Products

Source: CISCO
Type: Vendor Advisory
20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products

Source: OSVDB
Type: UNKNOWN
28143

Source: CCN
Type: OSVDB ID: 28143
Cisco Multiple Products Unintentional Password Modification

Source: BID
Type: UNKNOWN
19681

Source: CCN
Type: BID-19681
Cisco Multiple Firewall Appliances Authentication Bypass Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2006-3367

Source: XF
Type: UNKNOWN
cisco-pix-password-modification(28540)

Source: XF
Type: UNKNOWN
cisco-pix-password-modification(28540)

Vulnerable Configuration:

Configuration 1:

cpe:/h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*

OR cpe:/o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*

Configuration 2:

cpe:/h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*

OR cpe:/h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*

OR cpe:/o:cisco:pix_firewall:525_6.3:*:*:*:*:*:*:*

OR cpe:/h:cisco:5500_adaptive_security_appliance:7.2:2:*:*:*:*:*:*

Denotes that component is vulnerable