CVSS: 6.4EPSS: 1%CPEs: 2EXPL: 0CVE-2007-0397
https://notcve.org/view.php?id=CVE-2007-0397
The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information. El Cisco Security Monitoring, Analysis y Response System (CS-MARS) anterior 4.2.3 y Adaptive Security Device Manager (ASDM) anterior 5.2(2.54) no valida los certificados SSL/TLS o llaves públicas SSH cuando se conectan dispositivos, lo cual permite a atacantes remotos suplantar a estos dispositivos obteniendo información sensible o generando información incorrecta. • http://osvdb.org/32720 http://secunia.com/advisories/23836 http://securitytracker.com/id?1017535 http://securitytracker.com/id?1017536 http://www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtml http://www.securityfocus.com/bid/22111 http://www.vupen.com/english/advisories/2007/0245 https://exchange.xforce.ibmcloud.com/vulnerabilities/31567 •