Unauthorized Access in Cisco ASA CX Context-Aware Security Web GUI
CVE-2015-6344

Currently unrated

Key Information:

Vendor
Cisco
Status
Asa Cx Context-aware Security Software
Vendor
CVE Published:
30 October 2015

Summary

The web-based graphical user interface (GUI) of Cisco's Adaptive Security Appliance (ASA) CX Context-Aware Security version 9.3(4.1.11) is susceptible to a vulnerability that enables remote authenticated users to bypass designated access restrictions. This flaw allows unauthorized access to sensitive user information through specific HTTP requests, raising significant security concerns for users and administrators.

References

http://www.securitytracker.com/id/1034001
vdb-entryx_refsource_SECTRACK
http://tools.cisco.com/security/center/content/CiscoSecur...
vendor-advisoryx_refsource_CISCO

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.