Test Kennung:	1.3.6.1.4.1.25623.1.0.806686
Kategorie:	CISCO
Titel:	Cisco ASA Challenge-Response Tunnel Group Selection Bypass Vulnerability (Cisco-SA-20150216-CVE-2014-8023)
Zusammenfassung:	Cisco ASA Software is prone to a security bypass vulnerability.
Beschreibung:	Summary: Cisco ASA Software is prone to a security bypass vulnerability. Vulnerability Insight: The flaw is due to an improper implementation of the tunnel group selection when a user authenticates to the remote access VPN via the challenge-response mechanism. Vulnerability Impact: Successful exploitation allows the attacker to bypass the tunnel group restriction and authenticate to a different tunnel group than the one selected during the authentication phase. Solution: See the referenced vendor advisory for a solution. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8023 BugTraq ID: 72618 http://www.securityfocus.com/bid/72618 Cisco Security Advisory: 20150216 Cisco ASA Challenge-Response Tunnel Group Selection Bypass Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8023 http://www.securitytracker.com/id/1031755 XForce ISS Database: cisco-asa-cve20148023-sec-bypass(100922) https://exchange.xforce.ibmcloud.com/vulnerabilities/100922
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.