4.3
CVE-2011-3309
- EPSS 0.25%
- Published 02.05.2012 10:09:21
- Last modified 11.04.2025 00:51:21
- Source psirt@cisco.com
- Teams watchlist Login
- Open Login
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, aka Bug ID CSCtt07749.
Data is provided by the National Vulnerability Database (NVD)
Cisco ≫ Adaptive Security Appliance Software Version8.2.1
Cisco ≫ Adaptive Security Appliance Software Version8.2.2
Cisco ≫ Adaptive Security Appliance Software Version8.2.2 Updateinterim
Cisco ≫ Adaptive Security Appliance Software Version8.2.3
Cisco ≫ Adaptive Security Appliance Software Version8.3.1
Cisco ≫ Adaptive Security Appliance Software Version8.3.1 Updateinterim
Cisco ≫ Adaptive Security Appliance Software Version8.3.2
Cisco ≫ Adaptive Security Appliance Software Version8.4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.455 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.