Back to search
CVE-2015-4458
Published: Jul 18, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
The TLS implementation in the Cavium cryptographic-module firmware, as distributed with Cisco Adaptive Security Appliance (ASA) Software 9.1(5.21) and other products, does not verify the MAC field, which allows man-in-the-middle attackers to spoof TLS content by modifying packets, aka Bug ID CSCuu52976.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1032927
vdb-entry
x_refsource_SECTRACK
20150714 Cisco Adaptive Security Appliance Message Authentication Code Checking Vulnerability
vendor-advisory
x_refsource_CISCO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now