Lucene search

PRIOn knowledge basePRION:CVE-2007-0397

HistoryJan 20, 2007 - 1:28 a.m.

Information disclosure

2007-01-2001:28:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.013 Low

EPSS

Percentile

85.4%

JSON

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.

CPENameOperatorVersion
adaptive_security_appliance_device_managereq5.2.53
security_monitoring_analysis_and_response_systemeq4.2.3

CPE	Name	Operator	Version
	adaptive_security_appliance_device_manager	eq	5.2.53
	security_monitoring_analysis_and_response_system	eq	4.2.3

References

osvdb.org/32720

secunia.com/advisories/23836

securitytracker.com/id?1017535

securitytracker.com/id?1017536

www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml

www.securityfocus.com/bid/22111

www.vupen.com/english/advisories/2007/0245

exchange.xforce.ibmcloud.com/vulnerabilities/31567

6.8 Medium

AI Score

Confidence

Low

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

0.013 Low

EPSS

Percentile

85.4%

JSON

Related for PRION:CVE-2007-0397