Information Disclosure in Cisco PIX Firewall Manager 4.3(2)g
CVE-2001-1098

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix Firewall Manager
Vendor: CVE Published:; 10 October 2001

Summary

The Cisco PIX Firewall Manager version 4.3(2)g is susceptible to information disclosure vulnerabilities due to the logging of enable passwords in plaintext within its pfm.log file. This configuration inadequacy allows local users with access to the log file to easily obtain sensitive credentials, potentially leading to unauthorized access and compromising the security of the firewall system.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/7265

vdb-entryx_refsource_XF

http://www.kb.cert.org/vuls/id/639507

third-party-advisoryx_refsource_CERT-VN

http://www.securityfocus.com/bid/3419

vdb-entryx_refsource_BID

Timeline

Vulnerability Reserved
Mar 15, 2002
Vulnerability published
Oct 10, 2001