CVE-2006-4312
Last modified
CVE-2006-4312 is a vulnerability of currently unknown severity. Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.. EPSS estimates a 0.32% chance of exploitation in the next 30 days.
Description
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Pix Firewall 501 | All versions |
| Cisco | Pix Firewall 506 | All versions |
| Cisco | Pix Firewall 515 | All versions |
| Cisco | Pix Firewall 515e | All versions |
| Cisco | Pix Firewall 520 | All versions |
| Cisco | Pix Firewall 525 | All versions |
| Cisco | Pix Firewall 535 | All versions |
| Cisco | Pix Firewall Software | 6.3 |
| Cisco | Adaptive Security Appliance | All versions |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-4312?
How severe is CVE-2006-4312?
How do I fix CVE-2006-4312?
Are you affected by CVE-2006-4312?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST