Unrated severityNVD Advisory· Published Nov 8, 2006· Updated Apr 23, 2026

CVE-2006-5806

Description

SSL VPN Client in Cisco Secure Desktop before 3.1.1.45, when configured to spawn a web browser after a successful connection, stores sensitive browser session information in a directory outside of the CSD vault and does not restrict the user from saving files outside of the vault, which is not cleared after the VPN connection terminates and allows local users to read unencrypted data.

Affected products

Cisco Systems, Inc./Secure Desktop
cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*
Range: <=3.1.1.33

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtmlnvdVendor Advisory
secunia.com/advisories/22747nvd
securitytracker.com/idnvd
www.osvdb.org/30306nvd
www.securityfocus.com/bid/20964nvd
www.vupen.com/english/advisories/2006/4409nvd
exchange.xforce.ibmcloud.com/vulnerabilities/30129nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000