Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
CVE-2008-2736
CVE information
Published
Last Modified
CVSSv2.0 Severity
Impact Analysis
Description
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636..
CVSSv2.0 Score
- Severity
- High
- Base Score
- 7.1/10
- Exploit Score
- 8.6/10
- Access Vector
- Network
- Access Complexity
- Medium
- Authentication Required
- None
- Impact Score
- 6.9/10
- Confidentiality Impact
- Complete
- Availability Impact
- None
- Integrity Impact
- None
Products Affected
| CPE | Affected | Vulnerable | Excluding | Edit |
|---|---|---|---|---|
| cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:* |
Yes
|
- | - | |
| cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:* |
Yes
|
- | - |
References
- http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
- http://www.securitytracker.com/id?1020813
- http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html
- http://secunia.com/advisories/31730
- http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-
- http://www.securityfocus.com/bid/30998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44870