CVE-2015-4458

2015-07-18T10:59:00
ID CVE-2015-4458
Type cve
Reporter cve@mitre.org
Modified 2017-09-22T01:29:00

Description

The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976.