Vulnerability Details CVE-2008-2736
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.8%
CVSS Severity
CVSS v2 Score 7.1
References
- http://secunia.com/advisories/31730
- http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
- http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html
- http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
- http://www.securityfocus.com/bid/30998
- http://www.securitytracker.com/id?1020813
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44870
- http://secunia.com/advisories/31730
- http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
- http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html
- http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
- http://www.securityfocus.com/bid/30998
- http://www.securitytracker.com/id?1020813
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44870
Products affected by CVE-2008-2736
-
cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0
-
cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1