Unrated severityNVD Advisory· Published Jan 20, 2007· Updated Apr 23, 2026

CVE-2007-0397

Description

The Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.3 and Adaptive Security Device Manager (ASDM) before 5.2(2.54) do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitive information or generate incorrect information.

Affected products

Cisco Systems, Inc./Adaptive Security Appliance Device Manager
cpe:2.3:a:cisco:adaptive_security_appliance_device_manager:5.2.53:*:*:*:*:*:*:*
Cisco Systems, Inc./Security Monitoring Analysis And Response System
cpe:2.3:h:cisco:security_monitoring_analysis_and_response_system:4.2.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.cisco.com/en/US/products/products_security_advisory09186a00807c517f.shtmlnvdPatch
osvdb.org/32720nvd
secunia.com/advisories/23836nvd
securitytracker.com/idnvd
securitytracker.com/idnvd
www.securityfocus.com/bid/22111nvd
www.vupen.com/english/advisories/2007/0245nvd
exchange.xforce.ibmcloud.com/vulnerabilities/31567nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000