The Cisco Security Monitoring, Analysis and Response System (CS-MARS) prior to 4.2.3 and Adaptive Security Device Manager (ASDM) prior to 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote malicious users to spoof those devices to obtain sensitive information or generate incorrect information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco security monitoring analysis and response system 4.2.3 |
||
cisco adaptive security appliance device manager 5.2.53 |