CVE-2010-4690
First published: Fri Jan 07 2011(Updated: )
The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) does not properly authenticate HTTP requests from a Web Security appliance (WSA), which might allow remote attackers to obtain sensitive information via a HEAD request, aka Bug ID CSCte53635.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance Software | <=8.3\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.0 | |
| Cisco Adaptive Security Appliance Software | =7.0\(0\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(4\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5.2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(6.7\) | |
| Cisco Adaptive Security Appliance Software | =7.0.1 | |
| Cisco Adaptive Security Appliance Software | =7.0.1.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.2 | |
| Cisco Adaptive Security Appliance Software | =7.0.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.4.3 | |
| Cisco Adaptive Security Appliance Software | =7.0.5 | |
| Cisco Adaptive Security Appliance Software | =7.0.6 | |
| Cisco Adaptive Security Appliance Software | =7.0.7 | |
| Cisco Adaptive Security Appliance Software | =7.0.8 | |
| Cisco Adaptive Security Appliance Software | =7.0.8-interim | |
| Cisco Adaptive Security Appliance Software | =7.1 | |
| Cisco Adaptive Security Appliance Software | =7.1\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.27\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.49\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.1.1 | |
| Cisco Adaptive Security Appliance Software | =7.1.2 | |
| Cisco Adaptive Security Appliance Software | =7.2 | |
| Cisco Adaptive Security Appliance Software | =7.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(1.22\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.7\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.8\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.10\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.14\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.15\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.16\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.17\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.18\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.19\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.2.1 | |
| Cisco Adaptive Security Appliance Software | =7.2.2 | |
| Cisco Adaptive Security Appliance Software | =7.2.3 | |
| Cisco Adaptive Security Appliance Software | =7.2.4 | |
| Cisco Adaptive Security Appliance Software | =7.2.5 | |
| Cisco Adaptive Security Appliance Software | =8.0 | |
| Cisco Adaptive Security Appliance Software | =8.0.2 | |
| Cisco Adaptive Security Appliance Software | =8.0.3 | |
| Cisco Adaptive Security Appliance Software | =8.0.4 | |
| Cisco Adaptive Security Appliance Software | =8.0.5 | |
| Cisco Adaptive Security Appliance Software | =8.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(3\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(3.9\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4\) | |
| Cisco Adaptive Security Appliance Software | =8.2.1 | |
| Cisco Adaptive Security Appliance Software | =8.2.2 | |
| Cisco Adaptive Security Appliance Software | =8.2.2-interim | |
| Cisco Adaptive Security Appliance 5500 | ||
| Cisco ASA 5500 CSC-SSM |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-4690?
CVE-2010-4690 is considered to have a moderate severity level, potentially exposing sensitive information.
How do I fix CVE-2010-4690?
To fix CVE-2010-4690, upgrade the Cisco Adaptive Security Appliance Software to version 8.3(2) or later.
Which devices are affected by CVE-2010-4690?
CVE-2010-4690 affects Cisco Adaptive Security Appliances 5500 series devices running software versions prior to 8.3(2).
What type of attack is associated with CVE-2010-4690?
CVE-2010-4690 allows remote attackers to obtain sensitive information by sending crafted HTTP HEAD requests.
Is there a workaround for CVE-2010-4690?
There is no documented workaround for CVE-2010-4690; upgrading to a patched version is the recommended solution.
- collector/nvd-historical
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/weakness
- agent/description
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- vendor/cisco
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/8.3\(1\)
- version/cisco adaptive security appliance software/7.0
- version/cisco adaptive security appliance software/7.0\(0\)
- version/cisco adaptive security appliance software/7.0\(2\)
- version/cisco adaptive security appliance software/7.0\(4\)
- version/cisco adaptive security appliance software/7.0\(5\)
- version/cisco adaptive security appliance software/7.0\(5.2\)
- version/cisco adaptive security appliance software/7.0\(6.7\)
- version/cisco adaptive security appliance software/7.0.1
- version/cisco adaptive security appliance software/7.0.1.4
- version/cisco adaptive security appliance software/7.0.2
- version/cisco adaptive security appliance software/7.0.4
- version/cisco adaptive security appliance software/7.0.4.3
- version/cisco adaptive security appliance software/7.0.5
- version/cisco adaptive security appliance software/7.0.6
- version/cisco adaptive security appliance software/7.0.7
- version/cisco adaptive security appliance software/7.0.8
- version/cisco adaptive security appliance software/7.0.8-interim
- version/cisco adaptive security appliance software/7.1
- version/cisco adaptive security appliance software/7.1\(2\)
- version/cisco adaptive security appliance software/7.1\(2.5\)
- version/cisco adaptive security appliance software/7.1\(2.27\)
- version/cisco adaptive security appliance software/7.1\(2.48\)
- version/cisco adaptive security appliance software/7.1\(2.49\)
- version/cisco adaptive security appliance software/7.1\(5\)
- version/cisco adaptive security appliance software/7.1.1
- version/cisco adaptive security appliance software/7.1.2
- version/cisco adaptive security appliance software/7.2
- version/cisco adaptive security appliance software/7.2\(1\)
- version/cisco adaptive security appliance software/7.2\(1.22\)
- version/cisco adaptive security appliance software/7.2\(2\)
- version/cisco adaptive security appliance software/7.2\(2.5\)
- version/cisco adaptive security appliance software/7.2\(2.7\)
- version/cisco adaptive security appliance software/7.2\(2.8\)
- version/cisco adaptive security appliance software/7.2\(2.10\)
- version/cisco adaptive security appliance software/7.2\(2.14\)
- version/cisco adaptive security appliance software/7.2\(2.15\)
- version/cisco adaptive security appliance software/7.2\(2.16\)
- version/cisco adaptive security appliance software/7.2\(2.17\)
- version/cisco adaptive security appliance software/7.2\(2.18\)
- version/cisco adaptive security appliance software/7.2\(2.19\)
- version/cisco adaptive security appliance software/7.2\(2.48\)
- version/cisco adaptive security appliance software/7.2.1
- version/cisco adaptive security appliance software/7.2.2
- version/cisco adaptive security appliance software/7.2.3
- version/cisco adaptive security appliance software/7.2.4
- version/cisco adaptive security appliance software/7.2.5
- version/cisco adaptive security appliance software/8.0
- version/cisco adaptive security appliance software/8.0.2
- version/cisco adaptive security appliance software/8.0.3
- version/cisco adaptive security appliance software/8.0.4
- version/cisco adaptive security appliance software/8.0.5
- version/cisco adaptive security appliance software/8.2\(1\)
- version/cisco adaptive security appliance software/8.2\(2\)
- version/cisco adaptive security appliance software/8.2\(3\)
- version/cisco adaptive security appliance software/8.2\(3.9\)
- version/cisco adaptive security appliance software/8.2\(4\)
- version/cisco adaptive security appliance software/8.2.1
- version/cisco adaptive security appliance software/8.2.2
- version/cisco adaptive security appliance software/8.2.2-interim
- canonical/cisco adaptive security appliance 5500
- canonical/cisco asa 5500 csc-ssm