BID:53558

Cisco Adaptive Security Appliance CVE-2012-0335 Information Disclosure Vulnerability

Info

Cisco Adaptive Security Appliance CVE-2012-0335 Information Disclosure Vulnerability

Bugtraq ID:	53558
Class:	Design Error
CVE:	CVE-2012-0335
Remote:	Yes
Local:	No
Published:	May 16 2012 12:00AM
Updated:	May 16 2012 12:00AM
Credit:	Cisco
Vulnerable:	Cisco Adaptive Security Appliance 8.2.1 3 Cisco Adaptive Security Appliance 8.2.1 Cisco Adaptive Security Appliance 8.1.2 Cisco Adaptive Security Appliance 8.0.2 11 Cisco Adaptive Security Appliance 8.1.2.25 Cisco Adaptive Security Appliance 8.1(2)19 Cisco Adaptive Security Appliance 8.1 (2)14 Cisco Adaptive Security Appliance 8.0.4.34 Cisco Adaptive Security Appliance 8.0(4) Cisco Adaptive Security Appliance 8.0

Not Vulnerable:

Discussion

Cisco Adaptive Security Appliance CVE-2012-0335 Information Disclosure Vulnerability

Cisco Adaptive Security Appliance is prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

This issue is tracked by Cisco BugId CSCtw89522.

Exploit / POC

Cisco Adaptive Security Appliance CVE-2012-0335 Information Disclosure Vulnerability

Attackers can use readily available tools to exploit this issue.

Solution / Fix

Cisco Adaptive Security Appliance CVE-2012-0335 Information Disclosure Vulnerability

Solution:
Updates are available. Please see the references for more information.

References

Cisco Adaptive Security Appliance CVE-2012-0335 Information Disclosure Vulnerability

References:

Cisco Adaptive Security Appliance Homepage (Cisco)
Cisco ASA Interim Release Notes (Cisco)