CVE-2017-6752

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance versions 9.3(3) through 9.6(2)

Description The issue is related to a lack of protection for service data when interacting with the SSL Connection Profile via the LDAP protocol in the web interface of the Cisco Adaptive Security Appliance. This could allow a remote attacker to determine valid usernames, which could then be used for additional reconnaissance attacks. The vulnerability is due to the interaction between Lightweight Directory Access Protocol (LDAP) and SSL Connection Profile when they are configured together.

Recommendations For versions 9.3(3) and 9.6(2), consider restricting access to the LDAP protocol and SSL Connection Profile until a patch is available. As a temporary workaround, consider disabling the interaction between LDAP and SSL Connection Profile to minimize the risk of exploitation. Avoid using the vulnerable configuration that combines LDAP and SSL Connection Profile until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.