{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-08-31T00:00:00", "descriptions": [{"lang": "en", "value": "The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1024963", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1024963"}, {"name": "45768", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45768"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf"}, {"name": "cisco-asa-mus-info-disclosure(64574)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64574"}, {"name": "42931", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42931"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-4690", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1024963", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1024963"}, {"name": "45768", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45768"}, {"name": "http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf", "refsource": "CONFIRM", "url": "http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf"}, {"name": "cisco-asa-mus-info-disclosure(64574)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64574"}, {"name": "42931", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42931"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-4690", "datePublished": "2011-01-07T22:00:00", "dateReserved": "2011-01-07T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*", "matchCriteriaId": "F102F5EF-0B67-4FD7-898E-D5EDD8B822D5", "versionEndIncluding": "8.3\\(1\\)", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*", "matchCriteriaId": "15ECB359-7290-4732-96F2-AFCEE21C7899", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "3DA2F01C-ECF1-477B-A413-75D0EB817079", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*", "matchCriteriaId": "D9649696-DE81-48C7-A276-17E1ECADAD5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*", "matchCriteriaId": "F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "7632C245-04C6-4E78-87B7-55CCCA6FD6C8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E84099EB-2535-4A9F-8355-FF937CFBD122", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C599F894-DAD2-4231-8BB8-1427E7C02D60", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "C1F60C12-71C9-47C6-B43F-A0374419D736", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "1C853CD9-F451-406E-A515-3BDC34E55639", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "FD7C28DC-B15F-486B-96F1-D08529B7374A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "B03A1408-A55A-4482-B239-B13094B13BFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*", "matchCriteriaId": "62DC7025-F067-45CB-BEA6-ED16A5BD2896", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*", "matchCriteriaId": "2649C78C-D742-4E6F-950F-54BF7CF797C3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*", "matchCriteriaId": "469CFE0C-6319-46F3-8D31-4850F5E6A830", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*", "matchCriteriaId": "4333600F-0277-4D6C-922E-53FA01CF3C2E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*", "matchCriteriaId": "35AFDFE9-CCC9-453B-A081-939D1D554379", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*", "matchCriteriaId": "7C82C545-6796-4B67-A97D-0435D41C63C5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "AA336EBF-FA9A-4B80-A486-446A1C4B72F5", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F8B53107-BCD0-4D3E-B090-91D6BD6139C8", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "4C926091-D9A6-4264-8E9A-52AFCBC09D34", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*", "matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*", "matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*", "matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*", "matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*", "matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*", "matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*", "matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*", "matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*", "matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.18\\):*:*:*:*:*:*:*", "matchCriteriaId": "D55D3385-FEE7-44AA-A65A-50924FDC1BFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*", "matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*", "matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "E853B8BF-07F5-46DF-8DEA-302F68B8B086", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "364CA0EA-F85E-4C4B-96D8-A7256F413844", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "67AB954E-D1F4-4B29-B782-2E9917D82DE0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "7DA3389C-86FE-45F7-97D7-E3386403944F", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*", "matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386", "vulnerable": true}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*", "matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635."}, {"lang": "es", "value": "El servicio Mobile User Segurity (MUS) en dispositivos Cisco Adaptive Security Appliances (ASA) series 5500 con software anterior a v8.3 (2) no autentican correctamente a las peticiones HTTP de un aplicativo Web Security (WSA), que podr\u00eda permitir a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una solicitud HEAD, alias CSCte53635 error de identificaci\u00f3n."}], "id": "CVE-2010-4690", "lastModified": "2023-08-11T19:03:30.373", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-01-07T23:00:19.547", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/42931"}, {"source": "cve@mitre.org", "url": "http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.pdf"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/45768"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1024963"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64574"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}