CVE-2014-3410

Published: Dec 20, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The syslog-management subsystem in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to obtain an administrator password by waiting for an administrator to copy a file, and then (1) sniffing the network for a syslog message or (2) reading a syslog message in a file on a syslog server, aka Bug IDs CSCuq22357 and CSCur41860.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20141219 Cisco ASA Information Leak in Syslog Messages Vulnerability

vendor-advisory

x_refsource_CISCO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2014-3410

Description

Affected Products

References