PT-2012-1686 · Cisco · Cisco Asa
Published
2012-05-02
·
Updated
2023-08-15
·
CVE-2011-3309
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Cisco Adaptive Security Appliances (ASA) 5500 series devices versions 8.2 through 8.4
Description
The issue allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, due to the devices processing IKE requests despite a vpnclient mode configuration.
Recommendations
For versions 8.2 through 8.4, consider disabling IKE requests when in vpnclient mode to prevent the disclosure of sensitive information.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Asa