CVE-2010-4690

Currently unrated

Key Information:

Vendor: Cisco
Status: Adaptive Security Appliance Software; 5500 Series Adaptive Security Appliance; Asa 5500
Vendor: CVE Published:; 7 January 2011

Summary

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635.

References

http://www.securitytracker.com/id?1024963

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/45768

vdb-entryx_refsource_BID

http://www.cisco.com/en/US/docs/security/asa/asa83/releas...

x_refsource_CONFIRM

Timeline

Vulnerability published
Jan 7, 2011
Vulnerability Reserved
Jan 7, 2011