Cisco.Pix.IKE.Information.Disclosure
Description
This indicates an attack attempt against an Information Disclosure vulnerability in Cisco PIX.
The vulnerability is due to insufficient input validation in the application when handling a crafted ISAKMP request. The attacker can exploit this to extract an RSA private key and other sensitive configuration information from a vulnerable server by sending crafted ISAKMP requests.
Affected Products
Cisco PIX pre version 7.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Currenty we are unaware of any officially released patch or update for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |