CVE-2007-0397
Summary
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- NONE
References
Advisory Timeline
- Published