Information disclosure in Cisco 5500_series_adaptive_security_appliance

CVE-2011-3309

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IK…

Vulnerability class: Information Disclosure

EPSS: 0.003 (48.6th percentile) — read the EPSS interpretation.

Affected products

Cisco 5500_series_adaptive_security_appliance
Cisco Adaptive_security_appliance_software — versions 8.2\(1\), 8.2\(2\), 8.2\(3\)
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

1027008 (vdb-entry, x_refsource_SECTRACK)
psirt@cisco.com (x_refsource_CONFIRM)