CVE-2007-0397

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2007-0397
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.

6.4 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:N

Exploitability : 10.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://osvdb.org/32720
http://secunia.com/advisories/23836
http://securitytracker.com/id?1017535
http://securitytracker.com/id?1017536
http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml Patch
http://www.securityfocus.com/bid/22111
http://www.vupen.com/english/advisories/2007/0245
https://exchange.xforce.ibmcloud.com/vulnerabilities/31567
http://osvdb.org/32720
http://secunia.com/advisories/23836
http://securitytracker.com/id?1017535
http://securitytracker.com/id?1017536
http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml Patch
http://www.securityfocus.com/bid/22111
http://www.vupen.com/english/advisories/2007/0245
https://exchange.xforce.ibmcloud.com/vulnerabilities/31567
Configurations

Configuration 1 (hide)

cpe:2.3:h:cisco:security_monitoring_analysis_and_response_system:4.2.3:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.53:*:*:*:*:*:*:*
History

21 Nov 2024, 00:25

Type Values Removed Values Added
References () http://osvdb.org/32720 - () http://osvdb.org/32720 -
References () http://secunia.com/advisories/23836 - () http://secunia.com/advisories/23836 -
References () http://securitytracker.com/id?1017535 - () http://securitytracker.com/id?1017535 -
References () http://securitytracker.com/id?1017536 - () http://securitytracker.com/id?1017536 -
References () http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml - Patch () http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml - Patch
References () http://www.securityfocus.com/bid/22111 - () http://www.securityfocus.com/bid/22111 -
References () http://www.vupen.com/english/advisories/2007/0245 - () http://www.vupen.com/english/advisories/2007/0245 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/31567 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/31567 -
Information

Published : 2007-01-20 01:28

Updated : 2024-11-21 00:25

NVD link : CVE-2007-0397

Mitre link : CVE-2007-0397

CVE.ORG link : CVE-2007-0397

JSON object : View

Products Affected

cisco

  • adaptive_security_appliance_device_manager
  • security_monitoring_analysis_and_response_system
CWE
NVD-CWE-Other

NetmanageIT Website NetmanageIT OSINT Web NetmanageIT OpenCTI NetmanageIT PDF Tools NetmanageIT CTO Corner Blog NetmanageIT Email Header Analyzer NetmanageIT Password Pusher NetmanageIT Internet Health and Latency Dashboard NetmanageIT Dedicated Speed Test Site NetmanageIT Ubuntu Mirror 10Gbps Copyright OpenCVE 2024