CVE-2010-4690

The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
VendorProductVersion
ciscoadaptive_security_appliance_software
𝑥
≤ 8.3\(1\)
ciscoadaptive_security_appliance_software
7.0
ciscoadaptive_security_appliance_software
7.0\(0\)
ciscoadaptive_security_appliance_software
7.0\(2\)
ciscoadaptive_security_appliance_software
7.0\(4\)
ciscoadaptive_security_appliance_software
7.0\(5\)
ciscoadaptive_security_appliance_software
7.0\(5.2\)
ciscoadaptive_security_appliance_software
7.0\(6.7\)
ciscoadaptive_security_appliance_software
7.0.1
ciscoadaptive_security_appliance_software
7.0.1.4
ciscoadaptive_security_appliance_software
7.0.2
ciscoadaptive_security_appliance_software
7.0.4
ciscoadaptive_security_appliance_software
7.0.4.3
ciscoadaptive_security_appliance_software
7.0.5
ciscoadaptive_security_appliance_software
7.0.6
ciscoadaptive_security_appliance_software
7.0.7
ciscoadaptive_security_appliance_software
7.0.8
ciscoadaptive_security_appliance_software
7.0.8:interim
ciscoadaptive_security_appliance_software
7.1
ciscoadaptive_security_appliance_software
7.1\(2\)
ciscoadaptive_security_appliance_software
7.1\(2.5\)
ciscoadaptive_security_appliance_software
7.1\(2.27\)
ciscoadaptive_security_appliance_software
7.1\(2.48\)
ciscoadaptive_security_appliance_software
7.1\(2.49\)
ciscoadaptive_security_appliance_software
7.1\(5\)
ciscoadaptive_security_appliance_software
7.1.1
ciscoadaptive_security_appliance_software
7.1.2
ciscoadaptive_security_appliance_software
7.2
ciscoadaptive_security_appliance_software
7.2\(1\)
ciscoadaptive_security_appliance_software
7.2\(1.22\)
ciscoadaptive_security_appliance_software
7.2\(2\)
ciscoadaptive_security_appliance_software
7.2\(2.5\)
ciscoadaptive_security_appliance_software
7.2\(2.7\)
ciscoadaptive_security_appliance_software
7.2\(2.8\)
ciscoadaptive_security_appliance_software
7.2\(2.10\)
ciscoadaptive_security_appliance_software
7.2\(2.14\)
ciscoadaptive_security_appliance_software
7.2\(2.15\)
ciscoadaptive_security_appliance_software
7.2\(2.16\)
ciscoadaptive_security_appliance_software
7.2\(2.17\)
ciscoadaptive_security_appliance_software
7.2\(2.18\)
ciscoadaptive_security_appliance_software
7.2\(2.19\)
ciscoadaptive_security_appliance_software
7.2\(2.48\)
ciscoadaptive_security_appliance_software
7.2.1
ciscoadaptive_security_appliance_software
7.2.2
ciscoadaptive_security_appliance_software
7.2.3
ciscoadaptive_security_appliance_software
7.2.4
ciscoadaptive_security_appliance_software
7.2.5
ciscoadaptive_security_appliance_software
8.0
ciscoadaptive_security_appliance_software
8.0.2
ciscoadaptive_security_appliance_software
8.0.3
ciscoadaptive_security_appliance_software
8.0.4
ciscoadaptive_security_appliance_software
8.0.5
ciscoadaptive_security_appliance_software
8.2\(1\)
ciscoadaptive_security_appliance_software
8.2\(2\)
ciscoadaptive_security_appliance_software
8.2\(3\)
ciscoadaptive_security_appliance_software
8.2\(3.9\)
ciscoadaptive_security_appliance_software
8.2\(4\)
ciscoadaptive_security_appliance_software
8.2.1
ciscoadaptive_security_appliance_software
8.2.2
ciscoadaptive_security_appliance_software
8.2.2:interim
cisco5500_series_adaptive_security_appliance
*
ciscoasa_5500
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/42931
http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf
http://www.securityfocus.com/bid/45768
http://www.securitytracker.com/id?1024963
https://exchange.xforce.ibmcloud.com/vulnerabilities/64574
http://secunia.com/advisories/42931
http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf
http://www.securityfocus.com/bid/45768
http://www.securitytracker.com/id?1024963
https://exchange.xforce.ibmcloud.com/vulnerabilities/64574