CVE-2007-4786
CVE-2007-4786
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
10 sep 2007Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information.
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://osvdb.org/37499http://secunia.com/advisories/26677https://exchange.xforce.ibmcloud.com/vulnerabilities/36473http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903http://www.kb.cert.org/vuls/id/563673http://www.kb.cert.org/vuls/id/MIMG-74ZK93http://www.securityfocus.com/bid/25548http://www.securitytracker.com/id?1018660http://www.vupen.com/english/advisories/2007/3076