CVE-2008-2057 — Cisco Adaptive Security Appliance Software vulnerability

CWE-3994 documents4 sources

Severity

5.4MEDIUMNVD

EPSS

1.6%

top 18.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software Cisco PIX Security Appliance

Timeline

PublishedJun 4

Latest updateMay 1

Description

The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet.

CVSS vector

AV:N/AC:H/C:N/I:N/A:CExploitability: 4.9 | Impact: 6.9

Affected Packages2 packages

▶NVDcisco/adaptive_security_appliance_software7.2.2, 8.0+1

▶NVDcisco/pix_security_appliance7.2, 8.0+1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-gx6q-7vqv-xvp8: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7↗2022-05-01

▶

CVEList

CVE-2008-2057: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7↗2008-06-04

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco PIX and Cisco ASA↗2008-06-04

▶