CVE-2010-0567

CWE-287 — Improper Authentication CWE-3995 documents5 sources

Severity

5.0MEDIUM

EPSS

1.5%

top 19.15%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco ASA 5500

Timeline

PublishedFeb 19

Latest updateMay 2

Description

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDcisco/asa_55005 versions+4

🔴Vulnerability Details

GHSA

GHSA-mw4x-77fp-773c: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7↗2022-05-02

▶

CVEList

CVE-2010-0567: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7↗2010-02-19

▶

📋Vendor Advisories

Cisco

Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances↗2010-02-17

▶

💬Community

Bugzilla

change lvm2 to use the same pathname socket as clvmd↗2010-07-20

▶