CVE-2007-2462

2007-05-0222:19:00

[email protected]

web.nvd.nist.gov

cisco

adaptive security appliance

asa

pix

vulnerability

ldap

authentication

privilege escalation

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.185 Low

EPSS

Percentile

96.3%

JSON

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.

Affected configurations

NVD

Node

ciscopixRange≤7.2

ciscopixMatch7.1

ciscoadaptive_security_appliance_softwareRange≤7.2.2

ciscoadaptive_security_appliance_softwareMatch7.1

CPENameOperatorVersion
cisco:pixcisco pixle7.2
cisco:pixcisco pixeq7.1
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarele7.2.2
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.1

CPE	Name	Operator	Version
cisco:pix	cisco pix	le	7.2
cisco:pix	cisco pix	eq	7.1
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	le	7.2.2
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.1