Описание
The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976.
Уязвимые конфигурации
EPSS
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976.
Уязвимость операционной системы Cisco Adaptive Security Appliance, позволяющая нарушителю проводить атаки типа "человек посередине"
EPSS
4.3 Medium
CVSS2