exploitDog

CVE-2014-3398

Опубликовано: 05 окт. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3398
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-3398
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.009

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-7r9f-hjch-wrw3

github

больше 3 лет назад

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain potentially sensitive software-version information by reading the verbose response data that is provided for a request to an unspecified URL, aka Bug ID CSCuq65542.

EPSS

Процентиль: 75%

0.009

Низкий

5 Medium

CVSS2

Дефекты

CWE-200