CVE-2006-6477

Low CVSS 2.4

Overview

FRAgent.exe in Mandiant First Response (MFR) before 1.1.1, when run in daemon mode and configured to use only HTTP, allows local users to modify requests and responses between a client and an agent by hijacking an HTTP FRAgent daemon and conducting a man-in-the-middle (MITM) attack.

CWE: N/A Published: 2006-12-20T02:28:00.000

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 2.4 (LOW)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags