Summary
Cisco ASA Software is prone to an information-disclosure vulnerability.
Impact
An attacker can leverage this issue to obtain sensitive information that may aid in further attacks.
Solution
Updates are available.
Insight
This issue is being tracked by Cisco bug ID CSCuq65542.
Detection
Try to access /CSCOSSLC/config-auth and check the response
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-3398 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Subversion Module Metadata Accessible
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- Apache ActiveMQ Source Code Information Disclosure Vulnerability
- 7Media Web Solutions EduTrac Directory Traversal Vulnerability
- Apache OFBiz Multiple Cross Site Scripting Vulnerabilities