{"containers": {"cna": {"affected": [{"product": "Cisco ASA", "vendor": "Cisco", "versions": [{"status": "affected", "version": "8.4(1)"}]}], "datePublic": "2011-11-02T00:00:00", "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability."}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-02-19T03:05:13", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCtq58884"}], "source": {"advisory": "CSCtq58884", "defect": ["CSCut66725"], "discovery": "USER"}, "title": "Cisco ASA Secondary Authentication Bypass Vulnerability", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "DATE_PUBLIC": "2011-11-02T15:00:00.000Z", "ID": "CVE-2011-2054", "STATE": "PUBLIC", "TITLE": "Cisco ASA Secondary Authentication Bypass Vulnerability"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Cisco ASA", "version": {"version_data": [{"version_affected": "=", "version_value": "8.4(1)"}]}}]}, "vendor_name": "Cisco"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability."}]}, "exploit": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-287 Improper Authentication"}]}]}, "references": {"reference_data": [{"name": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCtq58884", "refsource": "MISC", "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCtq58884"}]}, "source": {"advisory": "CSCtq58884", "defect": ["CSCut66725"], "discovery": "USER"}}}}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2011-2054", "datePublished": "2011-11-02T00:00:00", "dateReserved": "2011-05-10T00:00:00", "dateUpdated": "2020-02-19T03:05:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5500_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "492D7C72-7AD0-4BED-A9C2-D5FF5075C9B6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5500:-:*:*:*:*:*:*:*", "matchCriteriaId": "7018906A-ACDF-4D7B-B816-ED9C235BF04E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5510_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "4CEAC7D3-6E2E-4F92-991D-A02670847272", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*", "matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "08330CC1-E646-45C5-AD18-32D8C7CB59D4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "134BCB2B-DD05-4816-9C86-DEDF20D56B92", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5520_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "0F3A0F94-A74A-4C02-9E60-FB8952447A35", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "B975C1BC-6F91-4233-8E0E-A2B6A8C0BA21", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5540_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "3A67CC83-A1E5-41ED-ABA6-CE34B2C95FD6", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5540:-:*:*:*:*:*:*:*", "matchCriteriaId": "17C5A524-E1D9-480F-B655-0680AA5BF720", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "F295FA59-3EEA-4E83-BF2B-8E47C2605002", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5550_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "689C7278-FD25-434D-A66C-67B897B8E1D0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "EA496C1C-765B-4A38-B547-584CC477F6F2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "2C60B539-889F-4E44-9DDB-5A82E8DB663F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*", "matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:8.4\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "18CEF113-0DBE-46C9-9C79-3239E2AF10E3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*", "matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, providing the primary credentials are correct. The vulnerabilities is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability."}, {"lang": "es", "value": "Una vulnerabilidad en el Cisco ASA , podr\u00eda permitir a atacantes remotos una autenticaci\u00f3n con \u00e9xito usando el cliente Cisco AnyConnect VPN si el tipo Secondary Authentication es LDAP y la contrase\u00f1a se deja en blanco, siempre que las credenciales principales sean correctas. Estas vulnerabilidades son debido a una comprobaci\u00f3n de entrada inapropiada de determinados par\u00e1metros pasados ??al software afectado. Un atacante debe tener las credenciales principales correctas a fin de explotar con \u00e9xito esta vulnerabilidad."}], "id": "CVE-2011-2054", "lastModified": "2020-02-24T17:09:10.543", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2020-02-19T03:15:10.277", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://quickview.cloudapps.cisco.com/quickview/bug/CSCtq58884"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-287"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

{}