Information disclosure in Cisco Asa_5500

CVE-2010-4354

The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I me…

Vulnerability class: Information Disclosure

EPSS: 0.003 (48.6th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

20101129 Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)