CVE-2010-4354

The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, which allows remote attackers to enumerate valid group names via a series of IKE negotiation attempts, aka Bug ID CSCtj96108, a different vulnerability than CVE-2005-2025.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:h:cisco:vpn_3000_concentrator::::::::
	cpe:2.3:h:cisco:vpn_3005_concentrator::::::::
	cpe:2.3:h:cisco:vpn_3015_concentrator::::::::
	cpe:2.3:h:cisco:vpn_3020_concentrator::::::::
	cpe:2.3:h:cisco:vpn_3030_concentator::::::::
	cpe:2.3:h:cisco:vpn_3060_concentrator::::::::
	cpe:2.3:h:cisco:vpn_3080_concentrator::::::::

History

21 Nov 2024, 01:20

Type	Values Removed	Values Added
References	~~() http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html - Vendor Advisory~~	() http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html - Vendor Advisory

Information

Published : 2010-11-30 22:14

Updated : 2024-11-21 01:20

NVD link : CVE-2010-4354

Mitre link : CVE-2010-4354

CVE.ORG link : CVE-2010-4354

JSON object : View

Products Affected

cisco

vpn_3015_concentrator
pix_500
vpn_3020_concentrator
vpn_3005_concentrator
asa_5500
vpn_3030_concentator
vpn_3000_concentrator
vpn_3060_concentrator
vpn_3080_concentrator

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2010-4354", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-11-30T22:14:00.913", "references": [{"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.cisco.com/en/US/products/products_security_response09186a0080b5992c.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, which allows remote attackers to enumerate valid group names via a series of IKE negotiation attempts, aka Bug ID CSCtj96108, a different vulnerability than CVE-2005-2025."}, {"lang": "es", "value": "La implementaci\u00f3n del acceso remoto de IPSec VPN en las series de dispositivos Cisco Adaptive Security Appliances (ASA) 5500, PIX Security Appliances 500 , y concentradores VPN 3000 responden a un mensaje 'Aggressive Mode IKE Phase I' s\u00f3lo cuando el nombre del grupo est\u00e1 configurado en el dispositivo, lo que permite enumerar los nombres v\u00e1lidos de grupo a atacantes remotos a trav\u00e9s de una serie de intentos de negociaci\u00f3n IKE. Este fallo tambi\u00e9n conocido como ID CSCtj96108. Se trata de una vulnerabilidad diferente a CVE-2005-2025.\r\n"}], "lastModified": "2024-11-21T01:20:45.830", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:vpn_3000_concentrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "24BE2649-D823-486B-8F6C-4B8128EC2795"}, {"criteria": "cpe:2.3:h:cisco:vpn_3005_concentrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E098419B-1B9E-4191-9C72-65CE43E38F3B"}, {"criteria": "cpe:2.3:h:cisco:vpn_3015_concentrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A512328-2FD0-4B1D-9327-A13A0BCE9C0D"}, {"criteria": "cpe:2.3:h:cisco:vpn_3020_concentrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D5D50FE2-A4E6-4EF4-A91C-88FB0AF6CCB4"}, {"criteria": "cpe:2.3:h:cisco:vpn_3030_concentator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6548F964-B8EE-4B39-87CF-99743D41C42C"}, {"criteria": "cpe:2.3:h:cisco:vpn_3060_concentrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E08810E6-33B6-45FF-91C7-EED10DC023EA"}, {"criteria": "cpe:2.3:h:cisco:vpn_3080_concentrator:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BD1A1AC-980F-428E-8BAF-0FC821014868"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}