Vulnerabilities > CVE-2001-1098 - Unspecified vulnerability in Cisco PIX Firewall Manager 4.3(2)G

CVSS 2.1 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

local

low complexity

cisco

NVD

Published: 2001-10-10

Updated: 2017-10-10

Summary

Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco PIX Firewall Manager 4.3\(2\)G	1

References

http://archives.neohapsis.com/archives/bugtraq/2001-10/0071.html
http://www.kb.cert.org/vuls/id/639507
http://www.securityfocus.com/bid/3419
https://exchange.xforce.ibmcloud.com/vulnerabilities/7265