VAR-200709-0395
Vulnerability from variot - Updated: 2024-02-22 22:44Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the "test aaa" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information. The issue arises in the Authentication, Authorization and Accounting (AAA) feature when troubleshooting the ASA server. An attacker can exploit this issue to access users' authentication credentials. Information obtained may lead to further attacks.
BETA test the new Secunia Personal Software Inspector!
The Secunia PSI detects installed software on your computer and categorises it as either Insecure, End-of-Life, or Up-To-Date. Effectively enabling you to focus your attention on software installations where more secure versions are available from the vendors.
The weakness is caused due to Cisco ASA not correctly sanitising log messages of the "test aaa-server" command before sending them to syslog. This can lead to the disclosure of sensitive information like usernames and passwords.
The error occurs when a user with privilege level 15 or above executes the "test aaa-server" command and logging level 5 (notifications) is activated.
SOLUTION: Update to 8.0.2.11 for the 8.0 train, 7.2.2.34 for the 7.2 train, 7.1.2.61 for the 7.1 train, and 7.0.7.1 for the 7.0 train.
PROVIDED AND/OR DISCOVERED BY: Lisa Sittler, CERT/CC.
ORIGINAL ADVISORY: US-CERT VU#563673: http://www.kb.cert.org/vuls/id/563673
http://www.kb.cert.org/vuls/id/MIMG-74ZK93
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200709-0395",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.1.2.61"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.1"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.2.2.34"
},
{
"model": "adaptive security appliance software",
"scope": "gte",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "7.0.7.1"
},
{
"model": "adaptive security appliance software",
"scope": "lt",
"trust": 1.0,
"vendor": "cisco",
"version": "8.0.2.11"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "8.0"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "7.2"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.9,
"vendor": "cisco",
"version": "7.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": "cisco adaptive security appliance",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"model": "cisco adaptive security appliance",
"scope": "lt",
"trust": 0.8,
"vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": "7.0.7.1"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.6.22"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.6.29"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.6.18"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0\\(4\\)"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.6.26"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.6.32"
},
{
"model": "adaptive security appliance software",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "7.0.7"
},
{
"model": "adaptive security appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#563673"
},
{
"db": "BID",
"id": "25548"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.0.7.1",
"versionStartIncluding": "7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.2.2.34",
"versionStartIncluding": "7.2",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.1.2.61",
"versionStartIncluding": "7.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "8.0.2.11",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Lisa Sittler of CERT/CC is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "25548"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
}
],
"trust": 0.9
},
"cve": "CVE-2007-4786",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "High",
"accessVector": "Adjacent Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 4.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2007-4786",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "VHN-28148",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:A/AC:H/AU:S/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
{
"attackComplexity": "High",
"attackVector": "Adjacent Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.3,
"baseSeverity": "Medium",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2007-4786",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2007-4786",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#563673",
"trust": 0.8,
"value": "0.13"
},
{
"author": "CNNVD",
"id": "CNNVD-200709-097",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-28148",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#563673"
},
{
"db": "VULHUB",
"id": "VHN-28148"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Adaptive Security Appliance (ASA) running PIX 7.0 before 7.0.7.1, 7.1 before 7.1.2.61, 7.2 before 7.2.2.34, and 8.0 before 8.0.2.11, when AAA is enabled, composes %ASA-5-111008 messages from the \"test aaa\" command with cleartext passwords and sends them over the network to a remote syslog server or places them in a local logging buffer, which allows context-dependent attackers to obtain sensitive information. The issue arises in the Authentication, Authorization and Accounting (AAA) feature when troubleshooting the ASA server. \nAn attacker can exploit this issue to access users\u0027 authentication credentials. Information obtained may lead to further attacks. \n\n----------------------------------------------------------------------\n\nBETA test the new Secunia Personal Software Inspector!\n\nThe Secunia PSI detects installed software on your computer and\ncategorises it as either Insecure, End-of-Life, or Up-To-Date. \nEffectively enabling you to focus your attention on software\ninstallations where more secure versions are available from the\nvendors. \n\nThe weakness is caused due to Cisco ASA not correctly sanitising log\nmessages of the \"test aaa-server\" command before sending them to\nsyslog. This can lead to the disclosure of sensitive information like\nusernames and passwords. \n\nThe error occurs when a user with privilege level 15 or above\nexecutes the \"test aaa-server\" command and logging level 5\n(notifications) is activated. \n\nSOLUTION:\nUpdate to 8.0.2.11 for the 8.0 train, 7.2.2.34 for the 7.2 train,\n7.1.2.61 for the 7.1 train, and 7.0.7.1 for the 7.0 train. \n\nPROVIDED AND/OR DISCOVERED BY:\nLisa Sittler, CERT/CC. \n\nORIGINAL ADVISORY:\nUS-CERT VU#563673:\nhttp://www.kb.cert.org/vuls/id/563673\n\nhttp://www.kb.cert.org/vuls/id/MIMG-74ZK93\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2007-4786"
},
{
"db": "CERT/CC",
"id": "VU#563673"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "BID",
"id": "25548"
},
{
"db": "VULHUB",
"id": "VHN-28148"
},
{
"db": "PACKETSTORM",
"id": "59114"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#563673",
"trust": 3.7
},
{
"db": "NVD",
"id": "CVE-2007-4786",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "26677",
"trust": 2.7
},
{
"db": "BID",
"id": "25548",
"trust": 2.0
},
{
"db": "OSVDB",
"id": "37499",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2007-3076",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1018660",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609",
"trust": 0.8
},
{
"db": "XF",
"id": "36473",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-28148",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "59114",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#563673"
},
{
"db": "VULHUB",
"id": "VHN-28148"
},
{
"db": "BID",
"id": "25548"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "PACKETSTORM",
"id": "59114"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"id": "VAR-200709-0395",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-28148"
}
],
"trust": 0.01
},
"last_update_date": "2024-02-22T22:44:28.185000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top\u00a0Page",
"trust": 0.8,
"url": "http://www.cisco.com/en/us/products/ps6120/index.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-319",
"trust": 1.0
},
{
"problemtype": "Sending important information in clear text (CWE-319) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-255",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-28148"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.kb.cert.org/vuls/id/563673"
},
{
"trust": 2.1,
"url": "http://www.kb.cert.org/vuls/id/mimg-74zk93"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/25548"
},
{
"trust": 1.7,
"url": "http://osvdb.org/37499"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1018660"
},
{
"trust": 1.7,
"url": "http://secunia.com/advisories/26677"
},
{
"trust": 1.6,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026bugid=cscsj72903"
},
{
"trust": 1.1,
"url": "http://www.cisco.com/en/us/products/ps6120/index.html"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2007/3076"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36473"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/26677/"
},
{
"trust": 0.8,
"url": "http://en.wikipedia.org/wiki/vlan"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-4786"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/36473"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2007/3076"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/support/bugtoolkit/search/getbugdetails.do?method=fetchbugdetails\u0026amp;bugid=cscsj72903"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/6115/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#563673"
},
{
"db": "VULHUB",
"id": "VHN-28148"
},
{
"db": "BID",
"id": "25548"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "PACKETSTORM",
"id": "59114"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#563673"
},
{
"db": "VULHUB",
"id": "VHN-28148"
},
{
"db": "BID",
"id": "25548"
},
{
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"db": "PACKETSTORM",
"id": "59114"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-09-05T00:00:00",
"db": "CERT/CC",
"id": "VU#563673"
},
{
"date": "2007-09-10T00:00:00",
"db": "VULHUB",
"id": "VHN-28148"
},
{
"date": "2007-09-05T00:00:00",
"db": "BID",
"id": "25548"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"date": "2007-09-07T06:01:27",
"db": "PACKETSTORM",
"id": "59114"
},
{
"date": "2007-09-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"date": "2007-09-10T21:17:00",
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2007-10-01T00:00:00",
"db": "CERT/CC",
"id": "VU#563673"
},
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-28148"
},
{
"date": "2015-05-07T17:35:00",
"db": "BID",
"id": "25548"
},
{
"date": "2024-02-22T01:12:00",
"db": "JVNDB",
"id": "JVNDB-2007-002609"
},
{
"date": "2007-10-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200709-097"
},
{
"date": "2024-02-13T16:09:38.673000",
"db": "NVD",
"id": "CVE-2007-4786"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Adaptive Security Appliance AAA Authentication Feature Information Disclosure Vulnerability",
"sources": [
{
"db": "BID",
"id": "25548"
},
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200709-097"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…