Vulnerability Details : CVE-2007-1065
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836.
Exploit prediction scoring system (EPSS) score for CVE-2007-1065
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-1065
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.8
|
MEDIUM | AV:L/AC:L/Au:S/C:C/I:C/A:C |
3.1
|
10.0
|
NIST |
References for CVE-2007-1065
- http://www.securitytracker.com/id?1017684
- http://www.vupen.com/english/advisories/2007/0690
-
http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml
Patch;Vendor Advisory
- http://www.securityfocus.com/bid/22648
- http://www.securitytracker.com/id?1017683
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32622
Products affected by CVE-2007-1065
- cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:security_agent:5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_services_client:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_services_client:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:secure_services_client:4.0.51:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:trust_agent:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:trust_agent:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:trust_agent:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:trust_agent:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:meetinghouse:aegis_secureconnect_client:windows_platform:*:*:*:*:*:*:*