Vulnerability Details : CVE-2010-0568
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953.
Exploit prediction scoring system (EPSS) score for CVE-2010-0568
Probability of exploitation activity in the next 30 days: 0.58%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 75 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2010-0568
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:C/I:N/A:N |
8.6
|
6.9
|
NIST |
References for CVE-2010-0568
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/56342
Cisco ASA 5500 and PIX 500 NTLMv1 security bypass CVE-2010-0568 Vulnerability Report
-
http://www.securitytracker.com/id?1023612
Cisco ASA TCP, SIP, SCCP, DTLS, and IKE Processing Flaws Let Remote Users Deny Service - SecurityTracker
-
http://www.vupen.com/english/advisories/2010/0415
Webmail | OVH- OVHVendor Advisory
-
http://www.securityfocus.com/bid/38279
Cisco ASA 5500 IKE Message Denial of Service Vulnerability
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances - CiscoVendor Advisory
Products affected by CVE-2010-0568
- cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*