CVE-2007-0397

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.

Severity	MEDIUM
CVSS	6.4
CWE	NVD-CWE-Other
KEV
Published	19 years ago
Modified	3 weeks ago

Related Products

Product	Advisory	Evidence
Cisco Security Monitoring, Analysis, and Response System (MARS)	Cisco-SA-20070118-CVE-2007-0397	Cisco OpenVuln
Cisco Secure Firewall Adaptive Security Device Manager (ASDM)	Cisco-SA-20070118-CVE-2007-0397	Cisco OpenVuln
Cisco Adaptive Security Device Manager (ASDM)	Cisco-SA-20070118-CVE-2007-0397	Cisco OpenVuln