Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco PIX和ASA设备绕过VPN认证漏洞
Vulnerability Description
Cisco PIX是一款防火墙设备,可为用户和应用提供策略强化、多载体攻击防护和安全连接服务;自适应安全设备(ASA)是可提供安全和VPN服务的模块化平台。 Cisco ASA或Cisco PIX安全设备可以配置为忽略AAA服务器的account-disabled指示,用户仍可登录。但是,用户必须提供正确的凭据才能登录到VPN。Cisco ASA和Cisco PIX安全设备中存在安全漏洞,如果启用了override account功能VPN用户就可以绕过认证。 这个漏洞在Cisco Bug ID中记录为C
CVSS Information
N/A
Vulnerability Type
N/A