Back to search
CVE-2006-0485
Published: Feb 1, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1015543
vdb-entry
x_refsource_SECTRACK
oval:org.mitre.oval:def:5836
vdb-entry
signature
x_refsource_OVAL
34892
vdb-entry
x_refsource_OSVDB
18613
third-party-advisory
x_refsource_SECUNIA
ADV-2006-0337
vdb-entry
x_refsource_VUPEN
20060125 Response to AAA Command Authorization by-pass
vendor-advisory
x_refsource_CISCO
16383
vdb-entry
x_refsource_BID
cisco-aaa-tcl-auth-bypass(24308)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now