vendor:
Adaptive Security Appliance
by:
SecurityFocus
7.8
CVSS
HIGH
Phishing Attack
601
CWE
Product Name: Adaptive Security Appliance
Affected Version From: Prior to ASA 8.0.4.34 and 8.1.2.25
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: h:cisco:adaptive_security_appliance
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Cisco Adaptive Security Appliance (ASA) Phishing Vulnerability
An attacker can exploit this issue to display a fake login window that's visually similar to the device's login window, which may mislead users. This issue is tracked by Cisco Bug ID CSCsy80709. The attacker can exploit this issue to set up phishing attacks. Successful exploits could aid in further attacks.
Mitigation:
Upgrade to ASA 8.0.4.34 and 8.1.2.25 or later