CVE-2006-5807

Severity Score

4.6

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".

Cisco Secure Desktop (CSD) en versiones anteriores a la 3.1.1.45 permite a usuarios locales salirse del escritorio seguro mediante el uso de ciertas aplicaciones que permiten el intercambio entre dicho escritorio y el escritorio por defecto, también conocido como "System Policy Evasion".

*Credits: N/A

CVSS Scores

NISTv2 4.6

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-11-08 CVE Reserved
2006-11-08 CVE Published
2024-04-02 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
http://secunia.com/advisories/22747	Third Party Advisory
http://securitytracker.com/id?1017195	Vdb Entry
http://www.osvdb.org/30307	Vdb Entry
http://www.securityfocus.com/bid/20964	Vdb Entry
http://www.vupen.com/english/advisories/2006/4409	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/30130	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml	2017-07-20

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Cisco Search vendor "Cisco"		Secure Desktop Search vendor "Cisco" for product "Secure Desktop"				<= 3.1.1.33 Search vendor "Cisco" for product "Secure Desktop" and version " <= 3.1.1.33"		-		Affected