CVE-2010-4690

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) 5500 series devices versions prior to 8.3(2)

Description The issue concerns the Mobile User Security (MUS) service, which does not properly authenticate HTTP requests from a Web Security appliance (WSA). This could allow remote attackers to obtain sensitive information via a HEAD request.

Recommendations For versions prior to 8.3(2), update to version 8.3(2) or later to resolve the issue. As a temporary workaround, consider restricting access to the MUS service to minimize the risk of exploitation.