Описание
The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslog server, aka Bug IDs CSCuq22357 and CSCur41860.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00375
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
больше 3 лет назад
The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslog server, aka Bug IDs CSCuq22357 and CSCur41860.
EPSS
Процентиль: 59%
0.00375
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-200