CVE-2007-4786 Information

Feb 14, 2021 cve

Description

Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1 7.1 before 7.1.2.61 7.2 before 7.2.2.34 and 8.0 before 8.0.2.11 when AAA is enabled composes ASA-5-111008 messages from the \test aaa\ command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer which allows context-dependent attackers to obtain sensitive information.

Reference

http://osvdb.org/37499 http://secunia.com/advisories/26677 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsj72903 http://www.kb.cert.org/vuls/id/563673 http://www.kb.cert.org/vuls/id/MIMG-74ZK93 http://www.securityfocus.com/bid/25548 http://www.securitytracker.com/id?1018660 http://www.vupen.com/english/advisories/2007/3076 https://exchange.xforce.ibmcloud.com/vulnerabilities/36473

Share on: