The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote malicious users to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslog server, aka Bug IDs CSCuq22357 and CSCur41860.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco adaptive security appliance software - |