// For flags

CVE-2007-1064

 

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120.

Cisco Secure Services Client (CSSC) versiones 4.x, Trust Agent 1.x y 2.x, Cisco Security Agent (CSA) versiones 5.0 y 5.1 (cuando ha sido desplegado un Trust Agent vulnerable) y el Meetinghouse AEGIS SecureConnect Client, no pierde los privilegios cuando es invocado el servicio de ayuda en la GUI del requirente, lo que permite a usuarios locales alcanzar privilegios, tambiƩn se conoce como CSCsf14120.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Authentication
Single
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-02-21 CVE Reserved
  • 2007-02-22 CVE Published
  • 2024-07-17 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
 Secure Services Client
Search vendor "Cisco" for product "Secure Services Client"
 4.0
Search vendor "Cisco" for product "Secure Services Client" and version "4.0"
-
Affected
Cisco
Search vendor "Cisco"
 Secure Services Client
Search vendor "Cisco" for product "Secure Services Client"
 4.0.5
Search vendor "Cisco" for product "Secure Services Client" and version "4.0.5"
-
Affected
Cisco
Search vendor "Cisco"
 Secure Services Client
Search vendor "Cisco" for product "Secure Services Client"
 4.0.51
Search vendor "Cisco" for product "Secure Services Client" and version "4.0.51"
-
Affected
Cisco
Search vendor "Cisco"
 Security Agent
Search vendor "Cisco" for product "Security Agent"
 5.0
Search vendor "Cisco" for product "Security Agent" and version "5.0"
-
Affected
Cisco
Search vendor "Cisco"
 Security Agent
Search vendor "Cisco" for product "Security Agent"
 5.1
Search vendor "Cisco" for product "Security Agent" and version "5.1"
-
Affected
Cisco
Search vendor "Cisco"
 Trust Agent
Search vendor "Cisco" for product "Trust Agent"
 1.0
Search vendor "Cisco" for product "Trust Agent" and version "1.0"
-
Affected
Cisco
Search vendor "Cisco"
 Trust Agent
Search vendor "Cisco" for product "Trust Agent"
 2.0
Search vendor "Cisco" for product "Trust Agent" and version "2.0"
-
Affected
Cisco
Search vendor "Cisco"
 Trust Agent
Search vendor "Cisco" for product "Trust Agent"
 2.0.1
Search vendor "Cisco" for product "Trust Agent" and version "2.0.1"
-
Affected
Cisco
Search vendor "Cisco"
 Trust Agent
Search vendor "Cisco" for product "Trust Agent"
 2.1
Search vendor "Cisco" for product "Trust Agent" and version "2.1"
-
Affected
Meetinghouse
Search vendor "Meetinghouse"
 Aegis Secureconnect Client
Search vendor "Meetinghouse" for product "Aegis Secureconnect Client"
 windows_platform
Search vendor "Meetinghouse" for product "Aegis Secureconnect Client" and version "windows_platform"
-
Affected