CVE-2011-3309

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 process IKE requests despite a vpnclient mode configuration, which allows remote attackers to obtain potentially sensitive information by reading IKE responder traffic, aka Bug ID CSCtt07749.

Published: May 2, 2012
Updated: Apr 13, 2023
CVE: CVE-2011-3309
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
cisco / adaptive_security_appliance_software	8.2(1)	8.2(1).x
cisco / adaptive_security_appliance_software	8.2(2)	8.2(2).x
cisco / adaptive_security_appliance_software	8.2(3)	8.2(3).x
cisco / adaptive_security_appliance_software	8.2(3.9)	8.2(3.9).x
cisco / adaptive_security_appliance_software	8.2(4)	8.2(4).x
cisco / adaptive_security_appliance_software	8.2(4.1)	8.2(4.1).x
cisco / adaptive_security_appliance_software	8.2(4.4)	8.2(4.4).x
cisco / adaptive_security_appliance_software	8.2(5)	8.2(5).x
cisco / adaptive_security_appliance_software	8.2.1	8.2.1.x
cisco / adaptive_security_appliance_software	8.2.2	8.2.2.x
cisco / adaptive_security_appliance_software	8.2.2-interim	8.2.2-interim.x
cisco / adaptive_security_appliance_software	8.2.3	8.2.3.x
cisco / adaptive_security_appliance_software	8.3(1)	8.3(1).x
cisco / adaptive_security_appliance_software	8.3(2)	8.3(2).x
cisco / adaptive_security_appliance_software	8.3.1-interim	8.3.1-interim.x
cisco / adaptive_security_appliance_software	8.3.1	8.3.1.x
cisco / adaptive_security_appliance_software	8.3.2	8.3.2.x
cisco / adaptive_security_appliance_software	8.4	8.4.x
cisco / adaptive_security_appliance_software	8.4(1)	8.4(1).x
cisco / adaptive_security_appliance_software	8.4(1.11)	8.4(1.11).x
cisco / adaptive_security_appliance_software	8.4(2)	8.4(2).x
cisco / adaptive_security_appliance_software	8.4(2.11)	8.4(2.11).x
cisco / 5500_series_adaptive_security_appliance	-	-

Vulnerability Database

289,784

CVE-2011-3309