Lucene search
CiscoCVE-2011-3309HistoryMay 02, 2012 - 10:09 a.m.
CVE-2011-3309
2012-05-0210:09:21
CWE-200
cisco
web.nvd.nist.gov
21
cve-2011-3309
cisco
asa
vpn
client mode
ike
information disclosure
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
67.9%
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, aka Bug ID CSCtt07749.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareMatch8.2\(1\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(2\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(3\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(3.9\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(4\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(4.1\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(4.4\)
ORciscoadaptive_security_appliance_softwareMatch8.2\(5\)
ORciscoadaptive_security_appliance_softwareMatch8.2.1
ORciscoadaptive_security_appliance_softwareMatch8.2.2
ORciscoadaptive_security_appliance_softwareMatch8.2.2interim
ORciscoadaptive_security_appliance_softwareMatch8.2.3
ORciscoadaptive_security_appliance_softwareMatch8.3\(1\)
ORciscoadaptive_security_appliance_softwareMatch8.3\(2\)
ORciscoadaptive_security_appliance_softwareMatch8.3.1
ORciscoadaptive_security_appliance_softwareMatch8.3.1interim
ORciscoadaptive_security_appliance_softwareMatch8.3.2
ORciscoadaptive_security_appliance_softwareMatch8.4
ORciscoadaptive_security_appliance_softwareMatch8.4\(1\)
ORciscoadaptive_security_appliance_softwareMatch8.4\(1.11\)
ORciscoadaptive_security_appliance_softwareMatch8.4\(2\)
ORciscoadaptive_security_appliance_softwareMatch8.4\(2.11\)
cisco5500_series_adaptive_security_appliance
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 8.2(1) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(1\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(2) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(2\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(3) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(3.9) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3.9\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(4) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(4.1) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.1\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(4.4) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.4\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2(5) | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5\):*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2011-3309
2012-05-02 10:00:00
prion
prion
Code injection
2012-05-02 10:09:00
nvd
nvd
CVE-2011-3309
2012-05-02 10:09:21
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
AI Score
6.5
Confidence
Low
EPSS
0.003
Percentile
67.9%
Related for CVE-2011-3309