The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.6.x before 8.6(1.12), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.5), when an override-account-disable option is enabled, does not properly parse AAA LDAP responses, which allows remote attackers to bypass authentication via a VPN connection attempt, aka Bug ID CSCug83401.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Adaptive_security_appliance_software | Cisco | 7.0.2 | 7.0.2 |
Adaptive_security_appliance_software | Cisco | 7.0.1.4 | 7.0.1.4 |
Adaptive_security_appliance_software | Cisco | 9.1(1.7) | 9.1(1.7) |
Adaptive_security_appliance_software | Cisco | 8.2(3) | 8.2(3) |
Adaptive_security_appliance_software | Cisco | 8.0(5) | 8.0(5) |
Adaptive_security_appliance_software | Cisco | 7.1(2.48) | 7.1(2.48) |
Adaptive_security_appliance_software | Cisco | 8.1 | 8.1 |
Adaptive_security_appliance_software | Cisco | 8.2(4) | 8.2(4) |
Adaptive_security_appliance_software | Cisco | 7.2(4) | 7.2(4) |
Adaptive_security_appliance_software | Cisco | 8.0 | 8.0 |
Adaptive_security_appliance_software | Cisco | 7.2(2.48) | 7.2(2.48) |
Adaptive_security_appliance_software | Cisco | 8.2(4.4) | 8.2(4.4) |
Adaptive_security_appliance_software | Cisco | 7.0(6) | 7.0(6) |
Adaptive_security_appliance_software | Cisco | 8.6(1) | 8.6(1) |
Adaptive_security_appliance_software | Cisco | 8.0(5.28) | 8.0(5.28) |
Adaptive_security_appliance_software | Cisco | 7.1 | 7.1 |
Adaptive_security_appliance_software | Cisco | 8.2(5.35) | 8.2(5.35) |
Adaptive_security_appliance_software | Cisco | 8.0(3) | 8.0(3) |
Adaptive_security_appliance_software | Cisco | 8.2(3.9) | 8.2(3.9) |
Adaptive_security_appliance_software | Cisco | 7.0.4 | 7.0.4 |
Adaptive_security_appliance_software | Cisco | 8.4(1) | 8.4(1) |
Adaptive_security_appliance_software | Cisco | 8.4(1.11) | 8.4(1.11) |
Adaptive_security_appliance_software | Cisco | 7.0(1) | 7.0(1) |
Adaptive_security_appliance_software | Cisco | 7.2(1) | 7.2(1) |
Adaptive_security_appliance_software | Cisco | 7.2(2.5) | 7.2(2.5) |
Adaptive_security_appliance_software | Cisco | 7.0 | 7.0 |
Adaptive_security_appliance_software | Cisco | 8.0.2 | 8.0.2 |
Adaptive_security_appliance_software | Cisco | 8.6(1.10) | 8.6(1.10) |
Adaptive_security_appliance_software | Cisco | 8.4(5) | 8.4(5) |
Adaptive_security_appliance_software | Cisco | 7.0(2) | 7.0(2) |
Adaptive_security_appliance_software | Cisco | 7.0(5) | 7.0(5) |
Adaptive_security_appliance_software | Cisco | 8.2 | 8.2 |
Adaptive_security_appliance_software | Cisco | 8.4(3) | 8.4(3) |
Adaptive_security_appliance_software | Cisco | 8.0.5 | 8.0.5 |
Adaptive_security_appliance_software | Cisco | 7.2(2.8) | 7.2(2.8) |
Adaptive_security_appliance_software | Cisco | 7.2(2.14) | 7.2(2.14) |
Adaptive_security_appliance_software | Cisco | 7.2(5) | 7.2(5) |
Adaptive_security_appliance_software | Cisco | 7.0.5 | 7.0.5 |
Adaptive_security_appliance_software | Cisco | 8.0.4 | 8.0.4 |
Adaptive_security_appliance_software | Cisco | 8.2(1) | 8.2(1) |
Adaptive_security_appliance_software | Cisco | 8.0(2) | 8.0(2) |
Adaptive_security_appliance_software | Cisco | 7.0(6.7) | 7.0(6.7) |
Adaptive_security_appliance_software | Cisco | 7.0(7) | 7.0(7) |
Adaptive_security_appliance_software | Cisco | 8.0(4) | 8.0(4) |
Adaptive_security_appliance_software | Cisco | 7.2(2.17) | 7.2(2.17) |
Adaptive_security_appliance_software | Cisco | 7.2(2.19) | 7.2(2.19) |
Adaptive_security_appliance_software | Cisco | 7.0(8) | 7.0(8) |
Adaptive_security_appliance_software | Cisco | 7.1(2.49) | 7.1(2.49) |
Adaptive_security_appliance_software | Cisco | 7.2(2.15) | 7.2(2.15) |
Adaptive_security_appliance_software | Cisco | 7.0.1 | 7.0.1 |
Adaptive_security_appliance_software | Cisco | 8.4(4.11) | 8.4(4.11) |
Adaptive_security_appliance_software | Cisco | 9.0 | 9.0 |
Adaptive_security_appliance_software | Cisco | 8.0(5.31) | 8.0(5.31) |
Adaptive_security_appliance_software | Cisco | 7.0.7 | 7.0.7 |
Adaptive_security_appliance_software | Cisco | 7.2(2) | 7.2(2) |
Adaptive_security_appliance_software | Cisco | 7.1(2) | 7.1(2) |
Adaptive_security_appliance_software | Cisco | 8.0.3 | 8.0.3 |
Adaptive_security_appliance_software | Cisco | 7.0.8 | 7.0.8 |
Adaptive_security_appliance_software | Cisco | 7.2(2.16) | 7.2(2.16) |
Adaptive_security_appliance_software | Cisco | 7.2 | 7.2 |
Adaptive_security_appliance_software | Cisco | 7.2(2.10) | 7.2(2.10) |
Adaptive_security_appliance_software | Cisco | 7.0.6 | 7.0.6 |
Adaptive_security_appliance_software | Cisco | 8.4(2) | 8.4(2) |
Adaptive_security_appliance_software | Cisco | 7.1.1 | 7.1.1 |
Adaptive_security_appliance_software | Cisco | 7.2(2.7) | 7.2(2.7) |
Adaptive_security_appliance_software | Cisco | 8.4(2.11) | 8.4(2.11) |
Adaptive_security_appliance_software | Cisco | 7.2(1.22) | 7.2(1.22) |
Adaptive_security_appliance_software | Cisco | 7.1(2.27) | 7.1(2.27) |
Adaptive_security_appliance_software | Cisco | 8.2(5) | 8.2(5) |
Adaptive_security_appliance_software | Cisco | 8.2(2) | 8.2(2) |
Adaptive_security_appliance_software | Cisco | 7.1(5) | 7.1(5) |
Adaptive_security_appliance_software | Cisco | 8.2(5.38) | 8.2(5.38) |
Adaptive_security_appliance_software | Cisco | 7.0(0) | 7.0(0) |
Adaptive_security_appliance_software | Cisco | 7.0(5.2) | 7.0(5.2) |
Adaptive_security_appliance_software | Cisco | 7.2(3) | 7.2(3) |
Adaptive_security_appliance_software | Cisco | 7.0.4.3 | 7.0.4.3 |
Adaptive_security_appliance_software | Cisco | 7.1.2 | 7.1.2 |
Adaptive_security_appliance_software | Cisco | 7.2(2.18) | 7.2(2.18) |
Adaptive_security_appliance_software | Cisco | 8.4 | 8.4 |
Adaptive_security_appliance_software | Cisco | 7.1(2.5) | 7.1(2.5) |
Adaptive_security_appliance_software | Cisco | 7.0.8 | 7.0.8 |
Adaptive_security_appliance_software | Cisco | 8.6 | 8.6 |
Adaptive_security_appliance_software | Cisco | 7.0(4) | 7.0(4) |
Adaptive_security_appliance_software | Cisco | 9.1 | 9.1 |
Adaptive_security_appliance_software | Cisco | 8.2(4.1) | 8.2(4.1) |