CVE-2010-0568 - OpenCVE

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:C/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Asa 5500 Pix 500

Configuration 1 [-]

OR	cpe:2.3:h:cisco:asa_5500:7.1:::::::*
	cpe:2.3:h:cisco:asa_5500:7.2:::::::*
	cpe:2.3:h:cisco:asa_5500:8.0:::::::*
	cpe:2.3:h:cisco:asa_5500:8.1:::::::*
	cpe:2.3:h:cisco:asa_5500:8.2:::::::*
	cpe:2.3:h:cisco:pix_500::::::::

No data.

References

Link	Providers
http://osvdb.org/62437
http://secunia.com/advisories/38618
http://secunia.com/advisories/38636
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
http://www.securityfocus.com/bid/38279
http://www.securitytracker.com/id?1023612
http://www.vupen.com/english/advisories/2010/0415
https://exchange.xforce.ibmcloud.com/vulnerabilities/56342

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2010-02-19T17:00:00

Updated: 2024-08-07T00:52:19.459Z

Reserved: 2010-02-10T00:00:00

Link: CVE-2010-0568

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-02-19T17:30:00.957

Modified: 2017-08-17T01:32:01.913

Link: CVE-2010-0568

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-17T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38279", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38279"}, {"name": "38618", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38618"}, {"name": "62437", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/62437"}, {"name": "38636", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38636"}, {"name": "1023612", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023612"}, {"name": "cisco-asa-ntlmv1-security-bypass(56342)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56342"}, {"name": "ADV-2010-0415", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0415"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2010-0568", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38279", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38279"}, {"name": "38618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38618"}, {"name": "62437", "refsource": "OSVDB", "url": "http://osvdb.org/62437"}, {"name": "38636", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38636"}, {"name": "1023612", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1023612"}, {"name": "cisco-asa-ntlmv1-security-bypass(56342)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56342"}, {"name": "ADV-2010-0415", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0415"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:52:19.459Z"}, "title": "CVE Program Container", "references": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38279", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38279"}, {"name": "38618", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38618"}, {"name": "62437", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/62437"}, {"name": "38636", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38636"}, {"name": "1023612", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1023612"}, {"name": "cisco-asa-ntlmv1-security-bypass(56342)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56342"}, {"name": "ADV-2010-0415", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0415"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2010-0568", "datePublished": "2010-02-19T17:00:00", "dateReserved": "2010-02-10T00:00:00", "dateUpdated": "2024-08-07T00:52:19.459Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "856917BD-179B-4C43-8EA6-034254720B63", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "800D4D6A-0814-4D83-8E66-945687AE58D0", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "0810F1FB-120C-4F4C-A9A7-6AA76227A4AD", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F50FA336-1365-4449-86B6-855C06E4F516", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "3CBF542E-2454-4F54-93F6-8D003E06F9D7", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(5.2), 8.1 anterior a v8.1(2.40), y v8.2 anterior a v8.2(2.1), y Cisco PIX 500 Series Security Appliance, permite a atacantes remotos evitar la autenticaci\u00f3n a trav\u00e9s de un nombre de usuario NTLMv1 manipulado, tambi\u00e9n conocido como Bug ID CSCte21953."}], "id": "CVE-2010-0568", "lastModified": "2017-08-17T01:32:01.913", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 7.1, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-02-19T17:30:00.957", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/62437"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38618"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38636"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/38279"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1023612"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0415"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56342"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}