CVE-2007-0397

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.
Configurations

Configuration 1

cpe:2.3:h:cisco:security_monitoring_analysis_and_response_system:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.53:*:*:*:*:*:*:*

Information

Published : 2007-01-20 01:28

Updated : 2018-10-30 04:25


NVD link : CVE-2007-0397

Mitre link : CVE-2007-0397