CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1066

Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting "a thread under ConnectionClient.exe," aka CSCsg20558.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 21.2%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2007-1066

Cisco » Secure Services Client » Version: 4.0

cpe:2.3:a:cisco:secure_services_client:4.0
Cisco » Secure Services Client » Version: 4.0.5

cpe:2.3:a:cisco:secure_services_client:4.0.5
Cisco » Secure Services Client » Version: 4.0.51

cpe:2.3:a:cisco:secure_services_client:4.0.51
Cisco » Security Agent » Version: 5.0

cpe:2.3:a:cisco:security_agent:5.0
Cisco » Security Agent » Version: 5.1

cpe:2.3:a:cisco:security_agent:5.1
Cisco » Trust Agent » Version: 1.0

cpe:2.3:a:cisco:trust_agent:1.0
Cisco » Trust Agent » Version: 2.0

cpe:2.3:a:cisco:trust_agent:2.0
Cisco » Trust Agent » Version: 2.0.1

cpe:2.3:a:cisco:trust_agent:2.0.1
Cisco » Trust Agent » Version: 2.1

cpe:2.3:a:cisco:trust_agent:2.1
Meetinghouse » Aegis Secureconnect Client » Version: windows_platform

cpe:2.3:a:meetinghouse:aegis_secureconnect_client:windows_platform

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1066

Products

Pricing

Contact Us