What is the severity of CVE-2008-7257?

CVE-2008-7257 is considered a critical vulnerability due to its potential to allow remote attackers to inject arbitrary HTTP headers.

How do I fix CVE-2008-7257?

To fix CVE-2008-7257, upgrade to Cisco ASA software version 8.1(2) or later.

What impact does CVE-2008-7257 have on Cisco ASA 5580 devices?

CVE-2008-7257 can lead to HTTP header injection, allowing unauthorized control over web traffic.

Which versions of Cisco ASA are affected by CVE-2008-7257?

CVE-2008-7257 affects Cisco ASA 5580 devices running software versions earlier than 8.1(2).

Who are the potential attackers in CVE-2008-7257?

The potential attackers for CVE-2008-7257 are remote users who can craft malicious HTTP requests to exploit the vulnerability.

Vulnerability/
CVE-2008-7257

medium

4.3

CWE

20 93

29/6/2010

7/8/2024

CVE-2008-7257: Input Validation

First published: Tue Jun 29 2010(Updated: )

CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Cisco ASA 5580	=8.1\(1\)

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-7257?
CVE-2008-7257 is considered a critical vulnerability due to its potential to allow remote attackers to inject arbitrary HTTP headers.
How do I fix CVE-2008-7257?
To fix CVE-2008-7257, upgrade to Cisco ASA software version 8.1(2) or later.
What impact does CVE-2008-7257 have on Cisco ASA 5580 devices?
CVE-2008-7257 can lead to HTTP header injection, allowing unauthorized control over web traffic.
Which versions of Cisco ASA are affected by CVE-2008-7257?
CVE-2008-7257 affects Cisco ASA 5580 devices running software versions earlier than 8.1(2).
Who are the potential attackers in CVE-2008-7257?
The potential attackers for CVE-2008-7257 are remote users who can craft malicious HTTP requests to exploit the vulnerability.

agent/weakness
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/cisco
canonical/cisco asa 5580
version/cisco asa 5580/8.1\(1\)

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.