CVE-2006-0561

high

Cisco

CVSS v3 Base Score

7.2

AV:L/AC:L/Au:N/C:C/I:C/A:C

EPSS Score

0.0%

Exploitation probability in 30 days

Top 85% most likely to be exploited

Attack Characteristics

Attack Vector

Local

Attack Complexity

Low

Confidentiality

Integrity

Availability

Published: May 10, 2006 (7309 days ago)

Last Modified: April 16, 2026

Vendor: Cisco

Source: NVD

Description

Cisco Secure Access Control Server (ACS) 3.x for Windows stores ACS administrator passwords and the master key in the registry with insecure permissions, which allows local users and remote administrators to decrypt the passwords by using Microsoft's cryptographic API functions to obtain the plaintext version of the master key.

CWE

NVD-CWE-Other

Affected Products

cisco secure access control server

References

🔗 securitytracker.com 🔗 www.cisco.com 🔗 www.osvdb.org 🔗 www.securityfocus.com 🔗 www.securityfocus.com

CVE-2006-0561

Vulnerability Report

Description

CWE

Affected Products

References