CVE-2006-4846

Published Sep 19, 2006

Last updated 7 years ago

Overview

Description: Unspecified vulnerability in Citrix Access Gateway with Advanced Access Control (AAC) 4.2 before 20060914, when AAC is configured to use LDAP authentication, allows remote attackers to bypass authentication via unknown vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.1
Impact score: 6.4
Exploitability score: 4.9
Vector string: AV:N/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: -
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:citrix:access_gateway:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0C3186D6-9A71-4B1A-8A2A-D801408E5AF1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

https://nvd.nist.gov/vuln/detail/CVE-2006-4846
http://secunia.com/advisories/21941
http://securitytracker.com/id?1016874
http://support.citrix.com/article/CTX110439
http://support.citrix.com/article/CTX110950
http://www.kb.cert.org/vuls/id/658620
http://www.osvdb.org/28938
http://www.securityfocus.com/bid/20066
http://www.vupen.com/english/advisories/2006/3643
https://exchange.xforce.ibmcloud.com/vulnerabilities/28990

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References