CVE-2008-2736
Severity Score
7.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.
Vulnerabilidad no especificada en Cisco Adaptive Security Appliance (ASA) 5500 dispositivos 8.0(3)15, 8.0(3)16, 8.1(1)4, y 8.1(1)5, cuando se configuran como punto final sin cliente SSL VPN; permite a atacantes remotos obtener nombres de usuario y contraseñas a través de vectores desconocidos. También se conoce como Bug ID CSCsq45636.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-06-16 CVE Reserved
- 2008-09-03 CVE Published
- 2024-08-07 CVE Updated
- 2024-09-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/31730 | Third Party Advisory | |
| http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/30998 | Vdb Entry | |
| http://www.securitytracker.com/id?1020813 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44870 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Adaptive Security Appliance 5500 Search vendor "Cisco" for product "Adaptive Security Appliance 5500" | 8.0 Search vendor "Cisco" for product "Adaptive Security Appliance 5500" and version "8.0" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Adaptive Security Appliance 5500 Search vendor "Cisco" for product "Adaptive Security Appliance 5500" | 8.1 Search vendor "Cisco" for product "Adaptive Security Appliance 5500" and version "8.1" | - |
Affected
| ||||||