Lucene search

MitreCVE-2007-2462

HistoryMay 02, 2007 - 10:19 p.m.

CVE-2007-2462

2007-05-0222:19:00

mitre

web.nvd.nist.gov

cisco

adaptive security appliance

asa

pix

vulnerability

ldap

authentication

privilege escalation

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.185

Percentile

96.3%

JSON

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors.

Affected configurations

Nvd

Node

ciscopixRange≤7.2

ciscopixMatch7.1

ciscoadaptive_security_appliance_softwareRange≤7.2.2

ciscoadaptive_security_appliance_softwareMatch7.1

VendorProductVersionCPE
ciscopix*cpe:2.3:h:cisco:pix:*:*:*:*:*:*:*:*
ciscopix7.1cpe:2.3:h:cisco:pix:7.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software*cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software7.1cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	pix	*	cpe:2.3:h:cisco:pix::::::::
cisco	pix	7.1	cpe:2.3:h:cisco:pix:7.1:::::::*
cisco	adaptive_security_appliance_software	*	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
cisco	adaptive_security_appliance_software	7.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:::::::*

References

secunia.com/advisories/25109

www.cisco.com/en/US/products/products_security_advisory09186a0080833166.shtml

www.kb.cert.org/vuls/id/210876

www.osvdb.org/35331

www.securityfocus.com/bid/23768

www.securitytracker.com/id?1017994

www.securitytracker.com/id?1017995

www.vupen.com/english/advisories/2007/1636

exchange.xforce.ibmcloud.com/vulnerabilities/34020

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.2

Confidence

Low

EPSS

0.185

Percentile

96.3%

JSON

Related for CVE-2007-2462