The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Adaptive_security_appliance_software | Cisco | 7.0 (including) | 7.0 (including) |
Adaptive_security_appliance_software | Cisco | 7.0(0) (including) | 7.0(0) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(1) (including) | 7.0(1) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(2) (including) | 7.0(2) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(4) (including) | 7.0(4) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(5) (including) | 7.0(5) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(5.2) (including) | 7.0(5.2) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(6) (including) | 7.0(6) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(6.7) (including) | 7.0(6.7) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(7) (including) | 7.0(7) (including) |
Adaptive_security_appliance_software | Cisco | 7.0(8) (including) | 7.0(8) (including) |
Adaptive_security_appliance_software | Cisco | 7.0.1 (including) | 7.0.1 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.1.4 (including) | 7.0.1.4 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.2 (including) | 7.0.2 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.4 (including) | 7.0.4 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.4.3 (including) | 7.0.4.3 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.5 (including) | 7.0.5 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.6 (including) | 7.0.6 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.7 (including) | 7.0.7 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.8 (including) | 7.0.8 (including) |
Adaptive_security_appliance_software | Cisco | 7.0.8-interim (including) | 7.0.8-interim (including) |
Adaptive_security_appliance_software | Cisco | 7.1 (including) | 7.1 (including) |
Adaptive_security_appliance_software | Cisco | 7.1(2) (including) | 7.1(2) (including) |
Adaptive_security_appliance_software | Cisco | 7.1(2.5) (including) | 7.1(2.5) (including) |
Adaptive_security_appliance_software | Cisco | 7.1(2.27) (including) | 7.1(2.27) (including) |
Adaptive_security_appliance_software | Cisco | 7.1(2.48) (including) | 7.1(2.48) (including) |
Adaptive_security_appliance_software | Cisco | 7.1(2.49) (including) | 7.1(2.49) (including) |
Adaptive_security_appliance_software | Cisco | 7.1(5) (including) | 7.1(5) (including) |
Adaptive_security_appliance_software | Cisco | 7.1.1 (including) | 7.1.1 (including) |
Adaptive_security_appliance_software | Cisco | 7.1.2 (including) | 7.1.2 (including) |
Adaptive_security_appliance_software | Cisco | 7.2 (including) | 7.2 (including) |
Adaptive_security_appliance_software | Cisco | 7.2(1) (including) | 7.2(1) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(1.22) (including) | 7.2(1.22) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2) (including) | 7.2(2) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.5) (including) | 7.2(2.5) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.7) (including) | 7.2(2.7) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.8) (including) | 7.2(2.8) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.10) (including) | 7.2(2.10) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.14) (including) | 7.2(2.14) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.15) (including) | 7.2(2.15) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.16) (including) | 7.2(2.16) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.17) (including) | 7.2(2.17) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.18) (including) | 7.2(2.18) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.19) (including) | 7.2(2.19) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(2.48) (including) | 7.2(2.48) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(3) (including) | 7.2(3) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(4) (including) | 7.2(4) (including) |
Adaptive_security_appliance_software | Cisco | 7.2(5) (including) | 7.2(5) (including) |
Adaptive_security_appliance_software | Cisco | 8.0 (including) | 8.0 (including) |
Adaptive_security_appliance_software | Cisco | 8.0(2) (including) | 8.0(2) (including) |
Adaptive_security_appliance_software | Cisco | 8.0(3) (including) | 8.0(3) (including) |
Adaptive_security_appliance_software | Cisco | 8.0(4) (including) | 8.0(4) (including) |
Adaptive_security_appliance_software | Cisco | 8.0(5) (including) | 8.0(5) (including) |
Adaptive_security_appliance_software | Cisco | 8.0(5.28) (including) | 8.0(5.28) (including) |
Adaptive_security_appliance_software | Cisco | 8.0(5.31) (including) | 8.0(5.31) (including) |
Adaptive_security_appliance_software | Cisco | 8.0.2 (including) | 8.0.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.0.3 (including) | 8.0.3 (including) |
Adaptive_security_appliance_software | Cisco | 8.0.4 (including) | 8.0.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.0.5 (including) | 8.0.5 (including) |
Adaptive_security_appliance_software | Cisco | 8.1 (including) | 8.1 (including) |
Adaptive_security_appliance_software | Cisco | 8.2 (including) | 8.2 (including) |
Adaptive_security_appliance_software | Cisco | 8.2(1) (including) | 8.2(1) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(2) (including) | 8.2(2) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(3) (including) | 8.2(3) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(3.9) (including) | 8.2(3.9) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(4) (including) | 8.2(4) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(4.1) (including) | 8.2(4.1) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(4.4) (including) | 8.2(4.4) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(5) (including) | 8.2(5) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(5.35) (including) | 8.2(5.35) (including) |
Adaptive_security_appliance_software | Cisco | 8.2(5.38) (including) | 8.2(5.38) (including) |
Adaptive_security_appliance_software | Cisco | 8.4 (including) | 8.4 (including) |
Adaptive_security_appliance_software | Cisco | 8.4(1) (including) | 8.4(1) (including) |
Adaptive_security_appliance_software | Cisco | 8.4(1.11) (including) | 8.4(1.11) (including) |
Adaptive_security_appliance_software | Cisco | 8.4(2) (including) | 8.4(2) (including) |
Adaptive_security_appliance_software | Cisco | 8.4(2.11) (including) | 8.4(2.11) (including) |
Adaptive_security_appliance_software | Cisco | 8.4(3) (including) | 8.4(3) (including) |
Adaptive_security_appliance_software | Cisco | 8.4(4.11) (including) | 8.4(4.11) (including) |
Adaptive_security_appliance_software | Cisco | 8.4(5) (including) | 8.4(5) (including) |
Adaptive_security_appliance_software | Cisco | 8.6 (including) | 8.6 (including) |
Adaptive_security_appliance_software | Cisco | 8.6(1) (including) | 8.6(1) (including) |
Adaptive_security_appliance_software | Cisco | 8.6(1.10) (including) | 8.6(1.10) (including) |
Adaptive_security_appliance_software | Cisco | 9.0 (including) | 9.0 (including) |
Adaptive_security_appliance_software | Cisco | 9.1 (including) | 9.1 (including) |
Adaptive_security_appliance_software | Cisco | 9.1(1.7) (including) | 9.1(1.7) (including) |