cvelistv5 - cve-2010-4675

cve-2010-4675

Vulnerability from cvelistv5

Published

2011-01-07 11:00

Modified

2024-08-07 03:51

Severity ?

Summary

References

▼	URL	Tags
	cve@mitre.org	http://secunia.com/advisories/42931
	cve@mitre.org	http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
	cve@mitre.org	http://www.securityfocus.com/bid/45767
	cve@mitre.org	http://www.securitytracker.com/id?1024963
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/64601
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42931
	af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45767
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024963
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/64601

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:51:17.992Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1024963",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1024963"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
          },
          {
            "name": "asa-telnet-security-bypass(64601)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
          },
          {
            "name": "45767",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/45767"
          },
          {
            "name": "42931",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42931"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-09-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1024963",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1024963"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
        },
        {
          "name": "asa-telnet-security-bypass(64601)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
        },
        {
          "name": "45767",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/45767"
        },
        {
          "name": "42931",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42931"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4675",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1024963",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1024963"
            },
            {
              "name": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf",
              "refsource": "CONFIRM",
              "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
            },
            {
              "name": "asa-telnet-security-bypass(64601)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
            },
            {
              "name": "45767",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/45767"
            },
            {
              "name": "42931",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42931"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-4675",
    "datePublished": "2011-01-07T11:00:00",
    "dateReserved": "2011-01-06T00:00:00",
    "dateUpdated": "2024-08-07T03:51:17.992Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2010-4675\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-01-07T12:00:50.030\",\"lastModified\":\"2024-11-21T01:21:29.617\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \\\"lowest security level interface,\\\" aka Bug ID CSCsv40504.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no determinan apropiadamente los interfaces para los que las conexiones TELNET est\u00e1n permitidas, lo que permite a usuarios autenticados remotos evitar las restricciones de acceso previstas a trav\u00e9s de vectores que involucran el interfaz de nivel de seguridad m\u00e1s bajo (\\\"lowest security level interface\\\"). Tambi\u00e9n conocido como Bug ID CSCsv40504.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:C/I:C/A:C\",\"baseScore\":9.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2\\\\(2\\\\)\",\"matchCriteriaId\":\"808F70E1-4528-47A1-8DA8-CB90D8A166B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85ED2D96-5CC9-4851-986A-C9ED5E2D96CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(0\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15ECB359-7290-4732-96F2-AFCEE21C7899\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DA2F01C-ECF1-477B-A413-75D0EB817079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC150564-7413-401A-9DD8-8AD773F1D8F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0714F9E-75AD-4405-BBC3-E0D817C05EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(5.2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9649696-DE81-48C7-A276-17E1ECADAD5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(6.7\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7632C245-04C6-4E78-87B7-55CCCA6FD6C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EA0DDDD-C987-4DA6-ADEE-77B387C26A92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E84099EB-2535-4A9F-8355-FF937CFBD122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C599F894-DAD2-4231-8BB8-1427E7C02D60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49696766-ECCE-4903-AA54-271EFEA58B8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F60C12-71C9-47C6-B43F-A0374419D736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C853CD9-F451-406E-A515-3BDC34E55639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7C28DC-B15F-486B-96F1-D08529B7374A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B03A1408-A55A-4482-B239-B13094B13BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*\",\"matchCriteriaId\":\"62DC7025-F067-45CB-BEA6-ED16A5BD2896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1557499-D1A1-4A26-80DA-A3D66AA53580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2649C78C-D742-4E6F-950F-54BF7CF797C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.27\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469CFE0C-6319-46F3-8D31-4850F5E6A830\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.48\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4333600F-0277-4D6C-922E-53FA01CF3C2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.49\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35AFDFE9-CCC9-453B-A081-939D1D554379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C82C545-6796-4B67-A97D-0435D41C63C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA336EBF-FA9A-4B80-A486-446A1C4B72F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B53107-BCD0-4D3E-B090-91D6BD6139C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C926091-D9A6-4264-8E9A-52AFCBC09D34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE82E4AC-BE77-4A45-839F-45163D64A4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(1.22\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.7\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B521F270-2D51-48BE-BC29-0EDED33FA30B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.8\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39BA51CC-2ADA-4527-8D47-D821BBFA5EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.10\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C73F417-0CF4-4E78-9B33-939F0E41994E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.14\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67BABA2F-EE28-4914-8130-6768EC599B65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.15\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C912270C-6ABB-4149-8E67-96028B45C312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.16\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2631B6-F238-4FE3-AA34-703FFB6D6803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.17\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F1C112-F1C1-4703-8EE0-2FC9F8B233CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.18\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55D3385-FEE7-44AA-A65A-50924FDC1BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.19\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC223DE2-90CA-43CD-8EBF-C9C351D10187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.48\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E853B8BF-07F5-46DF-8DEA-302F68B8B086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95627941-30D8-452F-B6C8-76D2BEE93514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"364CA0EA-F85E-4C4B-96D8-A7256F413844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67AB954E-D1F4-4B29-B782-2E9917D82DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DA3389C-86FE-45F7-97D7-E3386403944F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"656D49C2-4F2E-4369-8933-FF74A3CD51EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C68E73D6-A207-4276-A972-52B859CD958A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E406214-2776-42C2-B777-92E6420FBFBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73BA05D1-78A7-4F90-9448-3F2011EE3EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F2C8AFA-A4B6-44A2-B00C-1950997493C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"465313C5-BFB9-458A-8150-8F7BA1F8C386\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C808D46-C846-4C53-A713-150C3FED3FAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB79D96-75EA-4B4F-99A7-9AB4158B7301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FCBA3A3-7C8F-481A-9BEC-78981547F8BE\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/42931\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/45767\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1024963\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64601\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/42931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/45767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1024963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64601\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the "lowest security level interface," aka Bug ID CSCsv40504. The problem is Bug ID CSCsv40504 It is a problem.Service disruption by remotely authenticated user (DoS) There is a possibility of being put into a state. The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. ----------------------------------------------------------------------

Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM).

Request a free trial: http://secunia.com/products/corporate/vim/

TITLE: Cisco ASA 5500 Series Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA42931

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42931/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42931

RELEASE DATE: 2011-01-18

DISCUSS ADVISORY: http://secunia.com/advisories/42931/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/42931/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=42931

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious users and malicious people to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).

1) An error when handling EIGRP multicast traffic can be exploited to exhaust certain system resources.

Successful exploitation of this vulnerability requires valid credentials.

3) An error when handling unspecified IPSEC traffic can be exploited to cause a device to crash via a high volume of traffic.

4) An error in emWEB when handling filename requests can be exploited to crash the daemon by requesting a filename containing white space characters.

5) An error when handling packets during device startup can be exploited to bypass configured access restrictions.

6) An error when handling Online Certificate Status Protocol (OCSP) connection failures can be exploited by OCSP responders to exhaust TCP sockets by rejecting connection attempts.

7) An error in the WebVPN implementation when handling CIFS connections can be exploited to access a share via certain CIFS requests.

Successful exploitation of this vulnerability requires valid credentials and CIFS file browsing to be disabled.

8) An error within SMTP inspection can be exploited to bypass the inspection via prepended space characters.

9) An error when handling LDAP connections can be exploited to exhaust memory resources via invalid authentication attempts.

10) An error within SIP inspection can be exploited to crash a device via a high volume of calls (greater than 600).

11) An error in the Mobile User Security (MUS) service when handling HTTP requests from a Web Security Appliance (WSA) can be exploited to bypass authentication via a HEAD request.

12) An error when handling unspecified multicast traffic can be exploited to crash a device.

13) An error when handling LAN-to-LAN (L2L) IPSEC sessions can be exploited to crash a device via a high volume of sessions (greater than 10000).

The vulnerabilities are reported in versions prior to 8.2(4) and 8.3(2).

SOLUTION: Update to versions 8.2(4) and 8.3(2).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

ORIGINAL ADVISORY: http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201101-0329",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.2.2"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.1.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.2.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.1.2"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.0.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2\\(2.8\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "7.2.5"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "8.0"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.0.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0\\(0\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.7\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.0.2"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.16\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0\\(5\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.10\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1\\(2.49\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.0.5"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0\\(6.7\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(1\\)"
      },
      {
        "model": "5500 series adaptive security appliance",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1\\(2\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.5\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.2\\(2\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.8"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.4.3"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1\\(2.27\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.1.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.2"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.0.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.18\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.48\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2.2"
      },
      {
        "model": "asa 5500",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1\\(5\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.15\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0\\(4\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.19\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.7"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0\\(2\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.6"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.4"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1\\(2.5\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0\\(5.2\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "8.2\\(1\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0.5"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.0"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.1\\(2.48\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.17\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(1.22\\)"
      },
      {
        "model": "adaptive security appliance software",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "7.2\\(2.14\\)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(1.10)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(1.15)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(1.16)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(1.2)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(1.5)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(2)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(2.1)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(2.10)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(2.13)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "55008.2(2.17)"
      },
      {
        "model": "adaptive security appliance",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "5500 version  8.2(3)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.2(3)"
      },
      {
        "model": "asa series adaptive security appliance",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "55008.1(2.46)"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "BID",
        "id": "45767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/h:cisco:adaptive_security_appliance",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco",
    "sources": [
      {
        "db": "BID",
        "id": "45767"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2010-4675",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "CVE-2010-4675",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.0,
            "id": "VHN-47280",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:S/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2010-4675",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2010-4675",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201101-035",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-47280",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504. The problem is Bug ID CSCsv40504 It is a problem.Service disruption by remotely authenticated user (DoS) There is a possibility of being put into a state. The Cisco Adaptive Security Appliance is an adaptive security appliance that provides modules for security and VPN services. ----------------------------------------------------------------------\n\n\nSecure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). \n\nRequest a free trial: \nhttp://secunia.com/products/corporate/vim/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco ASA 5500 Series Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA42931\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/42931/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42931\n\nRELEASE DATE:\n2011-01-18\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/42931/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/42931/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42931\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco ASA (Adaptive\nSecurity Appliance) 5500 Series, which can be exploited by malicious\nusers and malicious people to bypass certain security restrictions\nand by malicious people to cause a DoS (Denial of Service). \n\n1) An error when handling EIGRP multicast traffic can be exploited to\nexhaust certain system resources. \n\nSuccessful exploitation of this vulnerability requires valid\ncredentials. \n\n3) An error when handling unspecified IPSEC traffic can be exploited\nto cause a device to crash via a high volume of traffic. \n\n4) An error in emWEB when handling filename requests can be exploited\nto crash the daemon by requesting a filename containing white space\ncharacters. \n\n5) An error when handling packets during device startup can be\nexploited to bypass configured access restrictions. \n\n6) An error when handling Online Certificate Status Protocol (OCSP)\nconnection failures can be exploited by OCSP responders to exhaust\nTCP sockets by rejecting connection attempts. \n\n7) An error in the WebVPN implementation when handling CIFS\nconnections can be exploited to access a share via certain CIFS\nrequests. \n\nSuccessful exploitation of this vulnerability requires valid\ncredentials and CIFS file browsing to be disabled. \n\n8) An error within SMTP inspection can be exploited to bypass the\ninspection via prepended space characters. \n\n9) An error when handling LDAP connections can be exploited to\nexhaust memory resources via invalid authentication attempts. \n\n10) An error within SIP inspection can be exploited to crash a device\nvia a high volume of calls (greater than 600). \n\n11) An error in the Mobile User Security (MUS) service when handling\nHTTP requests from a Web Security Appliance (WSA) can be exploited to\nbypass authentication via a HEAD request. \n\n12) An error when handling unspecified multicast traffic can be\nexploited to crash a device. \n\n13) An error when handling LAN-to-LAN (L2L) IPSEC sessions can be\nexploited to crash a device via a high volume of sessions (greater\nthan 10000). \n\nThe vulnerabilities are reported in versions prior to 8.2(4) and\n8.3(2). \n\nSOLUTION:\nUpdate to versions 8.2(4) and 8.3(2). \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html\nhttp://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "BID",
        "id": "45767"
      },
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "db": "PACKETSTORM",
        "id": "97596"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2010-4675",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "45767",
        "trust": 2.2
      },
      {
        "db": "SECUNIA",
        "id": "42931",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1024963",
        "trust": 1.9
      },
      {
        "db": "VUPEN",
        "id": "ADV-2011-0130",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "64601",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-47280",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "97596",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "db": "BID",
        "id": "45767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "PACKETSTORM",
        "id": "97596"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "id": "VAR-201101-0329",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      }
    ],
    "trust": 1.3368590999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:47:04.572000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "22291",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22291"
      },
      {
        "title": "Release Notes for the Cisco ASA 5500 Series, Version 8.2(x)",
        "trust": 0.8,
        "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
      },
      {
        "title": "The Cisco Adaptive Security Appliances (ASA) 5500 determines which patches are vulnerable to interfaces that allow TELNET connections.",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/2535"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.6,
        "url": "http://www.cisco.com/en/us/docs/security/asa/asa82/release/notes/asarn82.pdf"
      },
      {
        "trust": 1.9,
        "url": "http://www.securityfocus.com/bid/45767"
      },
      {
        "trust": 1.9,
        "url": "http://www.securitytracker.com/id?1024963"
      },
      {
        "trust": 1.9,
        "url": "http://secunia.com/advisories/42931"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4675"
      },
      {
        "trust": 0.8,
        "url": "http://xforce.iss.net/xforce/xfdb/64601"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-4675"
      },
      {
        "trust": 0.8,
        "url": "http://www.vupen.com/english/advisories/2011/0130"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/evm/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=42931"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/42931/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/42931/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/products/corporate/vim/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/en/us/docs/security/asa/asa83/release/notes/asarn83.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/en/us/docs/security/asa/asa82/release/notes/asarn82.html"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "db": "BID",
        "id": "45767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "PACKETSTORM",
        "id": "97596"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "db": "BID",
        "id": "45767"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "db": "PACKETSTORM",
        "id": "97596"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-01-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "date": "2011-01-07T00:00:00",
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "date": "2011-01-11T00:00:00",
        "db": "BID",
        "id": "45767"
      },
      {
        "date": "2011-02-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "date": "2011-01-18T10:42:17",
        "db": "PACKETSTORM",
        "id": "97596"
      },
      {
        "date": "2011-01-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "date": "2011-01-07T12:00:50.030000",
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2011-01-12T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2011-0109"
      },
      {
        "date": "2017-08-17T00:00:00",
        "db": "VULHUB",
        "id": "VHN-47280"
      },
      {
        "date": "2011-01-11T00:00:00",
        "db": "BID",
        "id": "45767"
      },
      {
        "date": "2011-02-23T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      },
      {
        "date": "2011-01-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      },
      {
        "date": "2024-11-21T01:21:29.617000",
        "db": "NVD",
        "id": "CVE-2010-4675"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Adaptive Security Appliances Service disruption on devices  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2011-001114"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201101-035"
      }
    ],
    "trust": 0.6
  }
}

ghsa-3pq5-p8h5-jfr8

Vulnerability from github

Published

2022-05-17 02:03

Modified

2022-05-17 02:03

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2010-4675"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2011-01-07T12:00:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504.",
  "id": "GHSA-3pq5-p8h5-jfr8",
  "modified": "2022-05-17T02:03:35Z",
  "published": "2022-05-17T02:03:35Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4675"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/42931"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/45767"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1024963"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

gsd-2010-4675

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2010-4675

Aliases

CVE-2010-4675

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2010-4675",
    "description": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504.",
    "id": "GSD-2010-4675"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2010-4675"
      ],
      "details": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504.",
      "id": "GSD-2010-4675",
      "modified": "2023-12-13T01:21:29.678465Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2010-4675",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1024963",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1024963"
          },
          {
            "name": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf",
            "refsource": "CONFIRM",
            "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
          },
          {
            "name": "asa-telnet-security-bypass(64601)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
          },
          {
            "name": "45767",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/45767"
          },
          {
            "name": "42931",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/42931"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "8.2\\(2\\)",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.18\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-4675"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-264"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
            },
            {
              "name": "45767",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/45767"
            },
            {
              "name": "42931",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/42931"
            },
            {
              "name": "1024963",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1024963"
            },
            {
              "name": "asa-telnet-security-bypass(64601)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2023-08-11T19:03Z",
      "publishedDate": "2011-01-07T12:00Z"
    }
  }
}

fkie_cve-2010-4675

Vulnerability from fkie_nvd

Published

2011-01-07 12:00

Modified

2024-11-21 01:21

Severity ?

Summary

References

▼	URL	Tags
	cve@mitre.org	http://secunia.com/advisories/42931
	cve@mitre.org	http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
	cve@mitre.org	http://www.securityfocus.com/bid/45767
	cve@mitre.org	http://www.securitytracker.com/id?1024963
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/64601
	af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/42931
	af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/45767
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1024963
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/64601

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	*
cisco	adaptive_security_appliance_software	7.0
cisco	adaptive_security_appliance_software	7.0\(0\)
cisco	adaptive_security_appliance_software	7.0\(2\)
cisco	adaptive_security_appliance_software	7.0\(4\)
cisco	adaptive_security_appliance_software	7.0\(5\)
cisco	adaptive_security_appliance_software	7.0\(5.2\)
cisco	adaptive_security_appliance_software	7.0\(6.7\)
cisco	adaptive_security_appliance_software	7.0.1
cisco	adaptive_security_appliance_software	7.0.1.4
cisco	adaptive_security_appliance_software	7.0.2
cisco	adaptive_security_appliance_software	7.0.4
cisco	adaptive_security_appliance_software	7.0.4.3
cisco	adaptive_security_appliance_software	7.0.5
cisco	adaptive_security_appliance_software	7.0.6
cisco	adaptive_security_appliance_software	7.0.7
cisco	adaptive_security_appliance_software	7.0.8
cisco	adaptive_security_appliance_software	7.0.8
cisco	adaptive_security_appliance_software	7.1
cisco	adaptive_security_appliance_software	7.1\(2\)
cisco	adaptive_security_appliance_software	7.1\(2.5\)
cisco	adaptive_security_appliance_software	7.1\(2.27\)
cisco	adaptive_security_appliance_software	7.1\(2.48\)
cisco	adaptive_security_appliance_software	7.1\(2.49\)
cisco	adaptive_security_appliance_software	7.1\(5\)
cisco	adaptive_security_appliance_software	7.1.1
cisco	adaptive_security_appliance_software	7.1.2
cisco	adaptive_security_appliance_software	7.2
cisco	adaptive_security_appliance_software	7.2\(1\)
cisco	adaptive_security_appliance_software	7.2\(1.22\)
cisco	adaptive_security_appliance_software	7.2\(2\)
cisco	adaptive_security_appliance_software	7.2\(2.5\)
cisco	adaptive_security_appliance_software	7.2\(2.7\)
cisco	adaptive_security_appliance_software	7.2\(2.8\)
cisco	adaptive_security_appliance_software	7.2\(2.10\)
cisco	adaptive_security_appliance_software	7.2\(2.14\)
cisco	adaptive_security_appliance_software	7.2\(2.15\)
cisco	adaptive_security_appliance_software	7.2\(2.16\)
cisco	adaptive_security_appliance_software	7.2\(2.17\)
cisco	adaptive_security_appliance_software	7.2\(2.18\)
cisco	adaptive_security_appliance_software	7.2\(2.19\)
cisco	adaptive_security_appliance_software	7.2\(2.48\)
cisco	adaptive_security_appliance_software	7.2.1
cisco	adaptive_security_appliance_software	7.2.2
cisco	adaptive_security_appliance_software	7.2.3
cisco	adaptive_security_appliance_software	7.2.4
cisco	adaptive_security_appliance_software	7.2.5
cisco	adaptive_security_appliance_software	8.0
cisco	adaptive_security_appliance_software	8.0.2
cisco	adaptive_security_appliance_software	8.0.3
cisco	adaptive_security_appliance_software	8.0.4
cisco	adaptive_security_appliance_software	8.0.5
cisco	adaptive_security_appliance_software	8.2\(1\)
cisco	adaptive_security_appliance_software	8.2.1
cisco	adaptive_security_appliance_software	8.2.2
cisco	adaptive_security_appliance_software	8.2.2
cisco	5500_series_adaptive_security_appliance	*
cisco	asa_5500	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "808F70E1-4528-47A1-8DA8-CB90D8A166B6",
              "versionEndIncluding": "8.2\\(2\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "15ECB359-7290-4732-96F2-AFCEE21C7899",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3DA2F01C-ECF1-477B-A413-75D0EB817079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D9649696-DE81-48C7-A276-17E1ECADAD5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7632C245-04C6-4E78-87B7-55CCCA6FD6C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E84099EB-2535-4A9F-8355-FF937CFBD122",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C599F894-DAD2-4231-8BB8-1427E7C02D60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F60C12-71C9-47C6-B43F-A0374419D736",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C853CD9-F451-406E-A515-3BDC34E55639",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD7C28DC-B15F-486B-96F1-D08529B7374A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B03A1408-A55A-4482-B239-B13094B13BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*",
              "matchCriteriaId": "62DC7025-F067-45CB-BEA6-ED16A5BD2896",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2649C78C-D742-4E6F-950F-54BF7CF797C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "469CFE0C-6319-46F3-8D31-4850F5E6A830",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4333600F-0277-4D6C-922E-53FA01CF3C2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "35AFDFE9-CCC9-453B-A081-939D1D554379",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7C82C545-6796-4B67-A97D-0435D41C63C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA336EBF-FA9A-4B80-A486-446A1C4B72F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B53107-BCD0-4D3E-B090-91D6BD6139C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C926091-D9A6-4264-8E9A-52AFCBC09D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D55D3385-FEE7-44AA-A65A-50924FDC1BFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E853B8BF-07F5-46DF-8DEA-302F68B8B086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "364CA0EA-F85E-4C4B-96D8-A7256F413844",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "67AB954E-D1F4-4B29-B782-2E9917D82DE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DA3389C-86FE-45F7-97D7-E3386403944F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
              "matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly determine the interfaces for which TELNET connections should be permitted, which allows remote authenticated users to bypass intended access restrictions via vectors involving the \"lowest security level interface,\" aka Bug ID CSCsv40504."
    },
    {
      "lang": "es",
      "value": "Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no determinan apropiadamente los interfaces para los que las conexiones TELNET est\u00e1n permitidas, lo que permite a usuarios autenticados remotos evitar las restricciones de acceso previstas a trav\u00e9s de vectores que involucran el interfaz de nivel de seguridad m\u00e1s bajo (\"lowest security level interface\"). Tambi\u00e9n conocido como Bug ID CSCsv40504."
    }
  ],
  "id": "CVE-2010-4675",
  "lastModified": "2024-11-21T01:21:29.617",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2011-01-07T12:00:50.030",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/42931"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/45767"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1024963"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/42931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/45767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1024963"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64601"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2010-4675

Vulnerability from cvelistv5

var-201101-0329

Vulnerability from variot

ghsa-3pq5-p8h5-jfr8

Vulnerability from github

gsd-2010-4675

Vulnerability from gsd

fkie_cve-2010-4675

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature