CVE Vulnerability

CVE-2007-3184

Cisco Trust Agent (CTA) before 2.1.104.0, when running on MacOS X, allows attackers with physical access to bypass authentication and modify System Preferences, including passwords, by invoking the Apple Menu when the Access Control Server (ACS) produces a user notification message after posture validation.

7.2 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.cisco.com/en/US/products/products_security_response09186a008085d645.html Vendor Advisory
http://www.securityfocus.com/bid/24415 Patch Third Party Advisory
http://www.osvdb.org/35340 Broken Link
http://www.securitytracker.com/id?1018217 Third Party Advisory VDB Entry
http://secunia.com/advisories/25598 Third Party Advisory
http://securityreason.com/securityalert/2796 Exploit Third Party Advisory
http://www.vupen.com/english/advisories/2007/2140 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/34807 Third Party Advisory VDB Entry
http://www.securityfocus.com/archive/1/471041/100/0/threaded Third Party Advisory VDB Entry
Configurations

Configuration 1
Information

Published : 2007-06-12 09:30

Updated : 2018-10-19 07:03

NVD link : CVE-2007-3184

Mitre link : CVE-2007-3184

Products Affected
No products.
CWE
CWE-287