Lucene search

[email protected]CVE-2010-4680

HistoryJan 07, 2011 - 12:00 p.m.

CVE-2010-4680

2011-01-0712:00:00

CWE-264

[email protected]

web.nvd.nist.gov

cisco

asa

5500 series

webvpn

cifs

bug id

cscsz80777

cve-2010-4680

7.2 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.5%

JSON

The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777.

CPENameOperatorVersion
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarele8.2\(2\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(0\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(2\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(4\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(5\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(5.2\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(6.7\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0.1
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0.1.4

CPE	Name	Operator	Version
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	le	8.2\(2\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(0\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(2\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(4\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(5\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(5.2\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(6.7\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0.1
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0.1.4

Rows per page:

1-10 of 561

References

secunia.com/advisories/42931

www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf

www.securityfocus.com/bid/45767

www.securitytracker.com/id?1024963

exchange.xforce.ibmcloud.com/vulnerabilities/64606

7.2 High

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

69.5%

JSON

Related for CVE-2010-4680

cvelist1 prion1