Home Unlabelled Cisco ASA CX Context-Aware Security Web GUI Unauthorized Access Vulnerability

Cisco ASA CX Context-Aware Security Web GUI Unauthorized Access Vulnerability

By
Tuesday, October 27, 2015
Read
Add Comment
A vulnerability in the web-based GUI of Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security could allow an authenticated, remote attacker to enumerate users and read user information without belonging to a role that allows those operations.

The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by sending an HTTP request to a specific URL.

Cisco has not released software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability.

This advisory is available at the following link: http://ift.tt/1Mr1kXP

from Cisco Security Advisory http://ift.tt/1Mr1kXP
Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us