Summary
Cisco ASA Software is prone to an information-disclosure vulnerability.
Impact
An attacker can leverage this issue to obtain sensitive information that may aid in further attacks.
Solution
Updates are available.
Insight
This issue is being tracked by Cisco bug ID CSCuq65542.
Detection
Try to access /CSCOSSLC/config-auth and check the response
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-3398 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities