Lucene search

[email protected]CVE-2009-4912

HistoryOct 03, 2022 - 4:24 p.m.

CVE-2009-4912

2022-10-0316:24:02

CWE-264

[email protected]

web.nvd.nist.gov

cisco

asa

5580 series

ssl handshake

vulnerability

bug id cscso10876

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.4%

JSON

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876.

Affected configurations

NVD

Node

ciscoasa_5580Range≤8.1\(1\)

CPENameOperatorVersion
cisco:asa_5580cisco asa 5580le8.1\(1\)

CPE	Name	Operator	Version
cisco:asa_5580	cisco asa 5580	le	8.1\(1\)

References

www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.4%

JSON

Related for CVE-2009-4912

cvelist1 prion1 nvd1