CVE-2008-2736

Cisco ASA 5500 Sensitive Information Exposure via Clientless SSL VPN

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/44870
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/31730
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1020813
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/30998

Scores

EPSS 0.0264
EPSS Percentile 83.8%

Details

CWE
CWE-200
Status published
Products (2)
cisco/adaptive_security_appliance_5500 8.0
cisco/adaptive_security_appliance_5500 8.1
Published Sep 04, 2008
Tracked Since Feb 18, 2026