The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-01-20T01:00:00

Updated: 2024-08-07T12:19:29.755Z

Reserved: 2007-01-19T00:00:00

Link: CVE-2007-0397

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2007-01-20T01:28:00.000

Modified: 2024-11-21T00:25:45.683

Link: CVE-2007-0397

cve-icon Redhat

No data.