CVE-2006-3226: CVE-2006-3226

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2006-3226

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote attackers to bypass authentication via various methods, aka "ACS Weak Session Management Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Cisco Secure ACS 远程认证绕过漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Cisco Secure ACS是Cisco网络设备的中央管理平台，用于控制设备的认证和授权。 Cisco Secure ACS中存在认证绕过漏洞，远程攻击者可能利用此漏洞劫持现有的认证后的会话。在认证后，运行在TCP端口2002上的Cisco Secure ACS Web管理接口会将连接重新定向到1024和65535之间动态分配的端口号上，具体取决于用户用于认证之后HTTP连接的IP地址。这有助于攻击者劫持管理会话，因为端口号是以顺序的方式分配的，没有使用很强的认证。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2006-3226

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2006-3226

Please Login to view more intelligence information

http://securityreason.com/securityalert/1157third-party-advisoryx_refsource_SREASON
http://www.securityfocus.com/bid/18621vdb-entryx_refsource_BID
http://secunia.com/advisories/20816third-party-advisoryx_refsource_SECUNIA
http://www.osvdb.org/26825vdb-entryx_refsource_OSVDB
http://securitytracker.com/id?1016369vdb-entryx_refsource_SECTRACK
http://www.vupen.com/english/advisories/2006/2524vdb-entryx_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/27328vdb-entryx_refsource_XF
http://www.cisco.com/en/US/products/sw/secursw/ps2086/tsd_products_security_response09186a00806c68f9.htmlvendor-advisoryx_refsource_CISCO
http://www.securityfocus.com/archive/1/438161/100/0/threadedmailing-listx_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/438258/100/0/threadedmailing-listx_refsource_BUGTRAQ
https://nvd.nist.gov/vuln/detail/CVE-2006-3226

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2006-3226

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2006-3226

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2006-3226

III. Intelligence Information for CVE-2006-3226

IV. Related Vulnerabilities

V. Comments for CVE-2006-3226

Leave a comment