SSL Handshake Vulnerability in Cisco's Adaptive Security Appliances
CVE-2009-4912

Currently unrated

Key Information:

Vendor: Cisco
Status: Asa 5580
Vendor: CVE Published:; 29 June 2010

Summary

Cisco Adaptive Security Appliances (ASA) 5580 series devices running software versions prior to 8.1(2) are susceptible to a flaw that allows unauthorized HTTPS clients to successfully complete the SSL handshake. This vulnerability can enable remote attackers to bypass access controls and establish HTTPS sessions with the device, potentially leading to unauthorized network access. Mitigation measures should be implemented to ensure only authorized clients can interact with the ASA devices.

References

http://www.cisco.com/en/US/docs/security/asa/asa81/releas...

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 29, 2010