CVE-2007-0397

Name of the Vulnerable Software and Affected Versions: Cisco Security Monitoring, Analysis and Response System (CS-MARS) versions prior to 4.2.3 Adaptive Security Device Manager (ASDM) versions prior to 5.2(2.54)

Description: The issue allows remote attackers to spoof devices and obtain sensitive information or generate incorrect information due to the lack of validation of SSL/TLS certificates or SSH public keys when connecting to devices.

Recommendations: For Cisco Security Monitoring, Analysis and Response System (CS-MARS) versions prior to 4.2.3, update to version 4.2.3 or later. For Adaptive Security Device Manager (ASDM) versions prior to 5.2(2.54), update to version 5.2(2.54) or later.