CVE-2011-2054
CVE-2011-2054 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. A vulnerability in the Cisco ASA could allow a remote attacker to authenticate successfully using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the secondary password is left blank, provided the primary credentials are correct. The vulnerability is due to improper input validation of certain parameters passed to the affected software. EPSS estimates a 0.86% chance of exploitation in the next 30 days.
Description
A vulnerability in the Cisco ASA could allow a remote attacker to authenticate successfully using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the secondary password is left blank, provided the primary credentials are correct. The vulnerability is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to exploit this vulnerability.
Metrics
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cisco | ASA 5500 Firmware | 8.4(1) |
| Cisco | ASA 5510 Firmware | 8.4(1) |
| Cisco | ASA 5512-X Firmware | 8.4(1) |
| Cisco | ASA 5515-X Firmware | 8.4(1) |
| Cisco | ASA 5520 Firmware | 8.4(1) |
| Cisco | ASA 5525-X Firmware | 8.4(1) |
| Cisco | ASA 5540 Firmware | 8.4(1) |
| Cisco | ASA 5545-X Firmware | 8.4(1) |
| Cisco | ASA 5550 Firmware | 8.4(1) |
| Cisco | ASA 5555-X Firmware | 8.4(1) |
| Cisco | ASA 5580 Firmware | 8.4(1) |
| Cisco | ASA 5585-X Firmware | 8.4(1) |
References
Timeline
- Published
- Last Modified
- Status
- Modified
Source: NVD / NIST
