mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
258 lines
10 KiB
JSON
258 lines
10 KiB
JSON
{
|
|
"id": "CVE-2011-3285",
|
|
"sourceIdentifier": "ykramarz@cisco.com",
|
|
"published": "2012-05-02T10:09:21.317",
|
|
"lastModified": "2017-12-07T02:29:08.227",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CRLF injection vulnerability in /+CSCOE+/logon.html on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCth63101."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Vulnerabilidad de ejecuci\u00f3n CRLF en /+CSCOE+/logon.html en Cisco Adaptive Security Appliances (ASA) 5500 con software v8.0 a v8.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de divisi\u00f3n de respuesta HTTP a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCth63101."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
},
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-94"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C32BEE04-36F6-44B2-9735-43085DB9FA1B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\\(2\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "88C8DF80-63E3-4F74-A998-91406C997637"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\\(3\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3F01BB48-05B1-4816-A7D3-D7D230E5FA47"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\\(4\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "39CC9D80-E4B4-4147-B7AD-E36003B37420"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0\\(5\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3DB106E8-8844-451D-AA91-0197ECC4B451"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "328AA1BC-FE79-4FA7-8C5A-C9CAB34506BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5EDCF4C3-1DFD-4273-BD41-1C7DF475D1B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B84AB0E6-0CAF-4A93-9C9E-0BB28D3D8ACC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6AF7472D-1E37-4F21-8A33-ADDD00666FB9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FF65DC1B-9B94-40A2-9934-AB40324CDC12"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4064372B-D5C6-4EE7-B227-919DA61502CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE971B52-825B-4DA3-9585-ED5BE84F3795"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "65660DBC-2FE1-470F-9EA6-9BB901B8E4B6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EEC19E9A-B38B-4BB5-9D0B-0E9BEAA52B04"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "96FA6AA6-6224-4FBA-B995-9F249DF042A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BDA57E19-ABED-472D-9BB3-ECDE9BD19046"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "375DF649-0416-4697-B3E7-5BECFB92BB33"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9175E2E6-29D7-45A6-AE21-1C4D5F44C3F8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BA9EDACF-992A-46BB-8D78-7E9852755201"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE8E3E70-3BDB-49B7-A2E0-BA8F2EA50320"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3DF92CAB-E480-448E-B16E-29B8760C6621"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "22BC27BA-0960-4938-BBBC-29F0469BE01B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A311E1C-A154-4162-8392-A5C83006F378"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BD33835E-EB26-4D42-970E-BA53CDE24F7C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2D8A146-41E2-4407-8812-C6FF95DEA6FD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BD10E2EC-208C-484D-84B6-2C03FA69A3CD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "116EFBF1-CE60-4536-982C-44BED24F4C2F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C2710F16-1DCA-4D21-BA91-04931A7EC45E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5DA54B49-D405-4414-AAF2-FACFE7A7E9CC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C344A669-277A-42FD-B41C-A9EB8A7CDB37"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80B6E036-F6B4-44C2-A0BF-1D54F794D276"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BBED6E6F-7B23-45DC-B10A-C263B37A8D08"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://www.cisco.com/web/software/280775065/37740/ASA-805-Interim-Release-Notes.html",
|
|
"source": "ykramarz@cisco.com"
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1027008",
|
|
"source": "ykramarz@cisco.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/75343",
|
|
"source": "ykramarz@cisco.com"
|
|
}
|
|
]
|
|
} |