Unrated severityNVD Advisory· Published Aug 23, 2006· Updated Apr 16, 2026

CVE-2006-4312

Description

Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.

Affected products

Cisco Systems, Inc./Pix Firewall 515
cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall 515e
cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall 520
cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall 525
cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall 535
cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall Software
cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*
Cisco Systems, Inc./Cisco Adaptive Security Appliance
cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall 501
cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Pix Firewall 506
cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000