Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco ASA软件remote-access VPN 安全绕过漏洞
Vulnerability Description
Cisco Adaptive Security Appliances(ASA,自适应安全设备)Software是美国思科(Cisco)公司的一套运行于防火墙中的操作系统。 Cisco ASA软件中的远程访问VPN实现中存在安全绕过漏洞,该漏洞源于当配置使用override-account-disable选项时,程序没有正确解析LDAP响应数据包。远程攻击者可通过远程VPN连接利用该漏洞绕过身份验证,可远程访问内部网络。以下版本受到影响:Cisco Adaptive Security Appliance S
CVSS Information
N/A
Vulnerability Type
N/A