CVE-2008-2736
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
04/09/2008
Last modified:
09/04/2025
Description
Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.
Impact
Base Score 2.0
7.10
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.0:*:*:*:*:*:*:* | ||
| cpe:2.3:h:cisco:adaptive_security_appliance_5500:8.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://secunia.com/advisories/31730
- http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
- http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html
- http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
- http://www.securityfocus.com/bid/30998
- http://www.securitytracker.com/id?1020813=
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44870
- http://secunia.com/advisories/31730
- http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asa
- http://www.cisco.com/en/US/docs/security/asa/asa81/release/notes/asarn812.html
- http://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtml
- http://www.securityfocus.com/bid/30998
- http://www.securitytracker.com/id?1020813=
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44870