CVE-2010-4680

EUVD-2010-4645
The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permits the viewing of CIFS shares even when CIFS file browsing has been disabled, which allows remote authenticated users to bypass intended access restrictions via CIFS requests, aka Bug ID CSCsz80777.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 40%
Affected Products (NVD)
VendorProductVersion
ciscoadaptive_security_appliance_software
𝑥
≤ 8.2\(2\)
ciscoadaptive_security_appliance_software
7.0
ciscoadaptive_security_appliance_software
7.0\(0\)
ciscoadaptive_security_appliance_software
7.0\(2\)
ciscoadaptive_security_appliance_software
7.0\(4\)
ciscoadaptive_security_appliance_software
7.0\(5\)
ciscoadaptive_security_appliance_software
7.0\(5.2\)
ciscoadaptive_security_appliance_software
7.0\(6.7\)
ciscoadaptive_security_appliance_software
7.0.1
ciscoadaptive_security_appliance_software
7.0.1.4
ciscoadaptive_security_appliance_software
7.0.2
ciscoadaptive_security_appliance_software
7.0.4
ciscoadaptive_security_appliance_software
7.0.4.3
ciscoadaptive_security_appliance_software
7.0.5
ciscoadaptive_security_appliance_software
7.0.6
ciscoadaptive_security_appliance_software
7.0.7
ciscoadaptive_security_appliance_software
7.0.8
ciscoadaptive_security_appliance_software
7.0.8:interim
ciscoadaptive_security_appliance_software
7.1
ciscoadaptive_security_appliance_software
7.1\(2\)
ciscoadaptive_security_appliance_software
7.1\(2.5\)
ciscoadaptive_security_appliance_software
7.1\(2.27\)
ciscoadaptive_security_appliance_software
7.1\(2.48\)
ciscoadaptive_security_appliance_software
7.1\(2.49\)
ciscoadaptive_security_appliance_software
7.1\(5\)
ciscoadaptive_security_appliance_software
7.1.1
ciscoadaptive_security_appliance_software
7.1.2
ciscoadaptive_security_appliance_software
7.2
ciscoadaptive_security_appliance_software
7.2\(1\)
ciscoadaptive_security_appliance_software
7.2\(1.22\)
ciscoadaptive_security_appliance_software
7.2\(2\)
ciscoadaptive_security_appliance_software
7.2\(2.5\)
ciscoadaptive_security_appliance_software
7.2\(2.7\)
ciscoadaptive_security_appliance_software
7.2\(2.8\)
ciscoadaptive_security_appliance_software
7.2\(2.10\)
ciscoadaptive_security_appliance_software
7.2\(2.14\)
ciscoadaptive_security_appliance_software
7.2\(2.15\)
ciscoadaptive_security_appliance_software
7.2\(2.16\)
ciscoadaptive_security_appliance_software
7.2\(2.17\)
ciscoadaptive_security_appliance_software
7.2\(2.18\)
ciscoadaptive_security_appliance_software
7.2\(2.19\)
ciscoadaptive_security_appliance_software
7.2\(2.48\)
ciscoadaptive_security_appliance_software
7.2.1
ciscoadaptive_security_appliance_software
7.2.2
ciscoadaptive_security_appliance_software
7.2.3
ciscoadaptive_security_appliance_software
7.2.4
ciscoadaptive_security_appliance_software
7.2.5
ciscoadaptive_security_appliance_software
8.0
ciscoadaptive_security_appliance_software
8.0.2
ciscoadaptive_security_appliance_software
8.0.3
ciscoadaptive_security_appliance_software
8.0.4
ciscoadaptive_security_appliance_software
8.0.5
ciscoadaptive_security_appliance_software
8.2\(1\)
ciscoadaptive_security_appliance_software
8.2.1
ciscoadaptive_security_appliance_software
8.2.2
ciscoadaptive_security_appliance_software
8.2.2:interim
cisco5500_series_adaptive_security_appliance
*
ciscoasa_5500
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/42931
http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
http://www.securityfocus.com/bid/45767
http://www.securitytracker.com/id?1024963
https://exchange.xforce.ibmcloud.com/vulnerabilities/64606
http://secunia.com/advisories/42931
http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf
http://www.securityfocus.com/bid/45767
http://www.securitytracker.com/id?1024963
https://exchange.xforce.ibmcloud.com/vulnerabilities/64606