Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1203Cisco Adaptive Security Appliance vulnerability

7 documents7 sources
Severity
6.0MEDIUMNVD
EPSS
5.7%
top 9.53%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Cisco Adaptive Security Appliance
Timeline
PublishedJun 25
Latest updateMay 2

Description

WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 6.8 | Impact: 6.4

Affected Packages1 packages

NVDcisco/adaptive_security_appliance8.0\(4\), 8.1.2, 8.2.1+2

🔴Vulnerability Details

2
GHSA
GHSA-rvxp-pm7q-gj4f: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 82022-05-02
CVEList
CVE-2009-1203: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 82009-06-25

💥Exploits & PoCs

1
Exploit-DB
Cisco Adaptive Security Appliance 8.x - Web VPN FTP or CIFS Authentication Form Phishing2009-05-24

🔍Detection Rules

1
Suricata
ET WEB_SERVER Possible Cisco Adaptive Security Appliance Web VPN FTP or CIFS Authentication Form Phishing Attempt2010-07-30

📋Vendor Advisories

1
Cisco
Cisco ASA Adaptive Security Appliance Clientless SSL VPN CIFS and FTP Credential Theft Vulnerability2009-06-24

💬Community

1
Bugzilla
CVE-2009-2411 subversion: multiple heap overflow issues2009-07-30
CVE-2009-1203 — Cisco vulnerability | cvebase