Vulnerability Details : CVE-2011-0396
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352.
Products affected by CVE-2011-0396
- cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.1\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(5\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(4\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(3\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.2\(1\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.2\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.1\(2\):*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\(1\):*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-0396
0.43%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 71 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-0396
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:C/I:N/A:N |
10.0
|
6.9
|
NIST |
CWE ids for CVE-2011-0396
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-0396
-
http://secunia.com/advisories/43488
Sign in
-
http://www.securitytracker.com/id?1025108
Cisco ASA 5500 Bugs Let Remote Users Deny Service and Access Files on the Target Device - SecurityTracker
-
http://www.vupen.com/english/advisories/2011/0493
Webmail | OVH- OVH
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/65591
Cisco Adaptive Security Appliances CA server unauthorized access CVE-2011-0396 Vulnerability Report
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances - CiscoVendor Advisory
Jump to