All the vulnerabilites related to cisco - adaptive_security_appliance
cve-2012-4629
Vulnerability from cvelistv5
Published
2012-09-12 23:00
Modified
2024-08-06 20:42
Severity ?
EPSS score ?
Summary
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/55515 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120912 Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx"
},
{
"name": "55515",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55515"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-23T18:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120912 Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx"
},
{
"name": "55515",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55515"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-4629",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120912 Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx"
},
{
"name": "55515",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55515"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-4629",
"datePublished": "2012-09-12T23:00:00",
"dateReserved": "2012-08-24T00:00:00",
"dateUpdated": "2024-08-06T20:42:54.965Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34790
Vulnerability from cvelistv5
Published
2021-10-27 18:56
Modified
2024-11-07 21:44
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.263Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34790",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:39:46.470574Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:44:01.672Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "CWE-358",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:56:09",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
],
"source": {
"advisory": "cisco-sa-natalg-bypass-cpKGqkng",
"defect": [
[
"CSCvw35444",
"CSCvx50914"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34790",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-358"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
]
},
"source": {
"advisory": "cisco-sa-natalg-bypass-cpKGqkng",
"defect": [
[
"CSCvw35444",
"CSCvx50914"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34790",
"datePublished": "2021-10-27T18:56:09.443390Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:44:01.672Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-20795
Vulnerability from cvelistv5
Published
2022-04-21 18:50
Modified
2024-11-06 16:22
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T02:24:49.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-20795",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:40.319401Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:22:08.505Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2022-04-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-21T18:50:50",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
}
],
"source": {
"advisory": "cisco-sa-vpndtls-dos-TunzLEV",
"defect": [
[
"CSCvz09106"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2022-04-20T16:00:00",
"ID": "CVE-2022-20795",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.8",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-345"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20220420 Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense Software AnyConnect SSL VPN Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
}
]
},
"source": {
"advisory": "cisco-sa-vpndtls-dos-TunzLEV",
"defect": [
[
"CSCvz09106"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2022-20795",
"datePublished": "2022-04-21T18:50:51.145597Z",
"dateReserved": "2021-11-02T00:00:00",
"dateUpdated": "2024-11-06T16:22:08.505Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0396
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025108 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65591 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/43488 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2011/0493 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.972Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "1025108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "asa-ca-unauth-access(65591)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65591"
},
{
"name": "43488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0493"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "1025108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "asa-ca-unauth-access(65591)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65591"
},
{
"name": "43488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0493"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0396",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "1025108",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "asa-ca-unauth-access(65591)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65591"
},
{
"name": "43488",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0493"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0396",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:08.972Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1220
Vulnerability from cvelistv5
Published
2009-04-01 18:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/502932 | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/34307 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1022122 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/1169 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/49528 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/502313/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=17950 | x_refsource_CONFIRM | |
| http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0478.html | mailing-list, x_refsource_FULLDISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.335Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090424 RE: Cisco ASA5520 Web VPN Host Header XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502932"
},
{
"name": "34307",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34307"
},
{
"name": "1022122",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022122"
},
{
"name": "ADV-2009-1169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1169"
},
{
"name": "asa5520-webvpn-xss(49528)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49528"
},
{
"name": "20090331 Cisco ASA5520 Web VPN Host Header XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502313/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=17950"
},
{
"name": "20090331 Cisco ASA5520 Web VPN Host Header XSS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0478.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-03-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090424 RE: Cisco ASA5520 Web VPN Host Header XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502932"
},
{
"name": "34307",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34307"
},
{
"name": "1022122",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022122"
},
{
"name": "ADV-2009-1169",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1169"
},
{
"name": "asa5520-webvpn-xss(49528)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49528"
},
{
"name": "20090331 Cisco ASA5520 Web VPN Host Header XSS",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502313/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=17950"
},
{
"name": "20090331 Cisco ASA5520 Web VPN Host Header XSS",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0478.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1220",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090424 RE: Cisco ASA5520 Web VPN Host Header XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502932"
},
{
"name": "34307",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34307"
},
{
"name": "1022122",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022122"
},
{
"name": "ADV-2009-1169",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1169"
},
{
"name": "asa5520-webvpn-xss(49528)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49528"
},
{
"name": "20090331 Cisco ASA5520 Web VPN Host Header XSS",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502313/100/0/threaded"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=17950",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=17950"
},
{
"name": "20090331 Cisco ASA5520 Web VPN Host Header XSS",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0478.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1220",
"datePublished": "2009-04-01T18:00:00",
"dateReserved": "2009-04-01T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.335Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2815
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 20:58
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/42198 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.205Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42198",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42198"
},
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "42198",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42198"
},
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2815",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42198",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42198"
},
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2815",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-16T20:58:54.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1202
Vulnerability from cvelistv5
Published
2009-06-25 17:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/504516/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1022457 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/35480 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2009/1713 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/35511 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "35480",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35480"
},
{
"name": "ADV-2009-1713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "35480",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35480"
},
{
"name": "ADV-2009-1713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1202",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "35480",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35480"
},
{
"name": "ADV-2009-1713",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1202",
"datePublished": "2009-06-25T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3554
Vulnerability from cvelistv5
Published
2020-10-21 18:41
Modified
2024-11-13 17:45
Severity ?
EPSS score ?
Summary
A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.973Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3554",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:09.155663Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:45:24.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:41:33",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
}
],
"source": {
"advisory": "cisco-sa-asaftd-dos-QFcNEPfx",
"defect": [
[
"CSCvt35897"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3554",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-dos-QFcNEPfx",
"defect": [
[
"CSCvt35897"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3554",
"datePublished": "2020-10-21T18:41:33.900058Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:45:24.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5717
Vulnerability from cvelistv5
Published
2013-01-18 21:00
Modified
2024-08-06 21:14
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.373Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130116 Cisco Adaptive Security Appliance SSH Timeout Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130116 Cisco Adaptive Security Appliance SSH Timeout Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5717",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130116 Cisco Adaptive Security Appliance SSH Timeout Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-5717",
"datePublished": "2013-01-18T21:00:00",
"dateReserved": "2012-11-02T00:00:00",
"dateUpdated": "2024-08-06T21:14:16.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3304
Vulnerability from cvelistv5
Published
2020-10-21 18:36
Modified
2024-11-13 17:21
Severity ?
EPSS score ?
Summary
A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.908Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3304",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:21:22.492518Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:21:32.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:36:47",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
}
],
"source": {
"advisory": "cisco-sa-asaftd-webdos-fBzM5Ynw",
"defect": [
[
"CSCvs10748",
"CSCvt70322"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3304",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-webdos-fBzM5Ynw",
"defect": [
[
"CSCvs10748",
"CSCvt70322"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3304",
"datePublished": "2020-10-21T18:36:47.782306Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:21:32.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-6395
Vulnerability from cvelistv5
Published
2013-01-18 21:00
Modified
2024-08-06 21:28
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/51955 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id/1028009 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:28:39.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "51955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51955"
},
{
"name": "1028009",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028009"
},
{
"name": "20130112 Cisco Adaptive Security Appliance CIFS UNC Input Validation Issue",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "51955",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51955"
},
{
"name": "1028009",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028009"
},
{
"name": "20130112 Cisco Adaptive Security Appliance CIFS UNC Input Validation Issue",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-6395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "51955",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51955"
},
{
"name": "1028009",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028009"
},
{
"name": "20130112 Cisco Adaptive Security Appliance CIFS UNC Input Validation Issue",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-6395",
"datePublished": "2013-01-18T21:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T21:28:39.810Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1152
Vulnerability from cvelistv5
Published
2013-04-11 10:00
Modified
2024-09-16 23:42
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.664Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130410 Multiple Vulnerabilities in Cisco ASA Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-11T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130410 Multiple Vulnerabilities in Cisco ASA Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1152",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130410 Multiple Vulnerabilities in Cisco ASA Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1152",
"datePublished": "2013-04-11T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-16T23:42:16.494Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3303
Vulnerability from cvelistv5
Published
2020-05-06 16:42
Modified
2024-11-15 17:23
Severity ?
EPSS score ?
Summary
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:28:35.653177Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:23:02.286Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-399",
"description": "CWE-399",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T16:42:20",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
}
],
"source": {
"advisory": "cisco-sa-asa-dos-BqYFRJt9",
"defect": [
[
"CSCvq66080"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-05-06T16:00:00-0700",
"ID": "CVE-2020-3303",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-399"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software IKEv1 Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
}
]
},
"source": {
"advisory": "cisco-sa-asa-dos-BqYFRJt9",
"defect": [
[
"CSCvq66080"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3303",
"datePublished": "2020-05-06T16:42:21.009228Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:23:02.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2814
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 18:28
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/42196 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.553Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "42196",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42196"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "42196",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42196"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2814",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "42196",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42196"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2814",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-16T18:28:23.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12676
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-21 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.354Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12676",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:47.710714Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:12:54.499Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-02T19:06:39",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
}
],
"source": {
"advisory": "cisco-sa-20191002-asa-ospf-lsa-dos",
"defect": [
[
"CSCvp49790"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-02T16:00:00-0700",
"ID": "CVE-2019-12676",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.4",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPF LSA Processing Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20191002-asa-ospf-lsa-dos",
"defect": [
[
"CSCvp49790"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12676",
"datePublished": "2019-10-02T19:06:39.129038Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-21T19:12:54.499Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34787
Vulnerability from cvelistv5
Published
2021-10-27 18:56
Modified
2024-11-07 21:45
Severity ?
EPSS score ?
Summary
A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.219Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34787",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:44:30.622445Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:45:57.012Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-183",
"description": "CWE-183",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:56:03",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
}
],
"source": {
"advisory": "cisco-sa-asaftd-rule-bypass-ejjOgQEY",
"defect": [
[
"CSCvx47895"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34787",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-183"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Identity-Based Rule Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-rule-bypass-ejjOgQEY",
"defect": [
[
"CSCvx47895"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34787",
"datePublished": "2021-10-27T18:56:03.870419Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:45:57.012Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3382
Vulnerability from cvelistv5
Published
2013-06-26 19:00
Modified
2024-09-17 00:35
Severity ?
EPSS score ?
Summary
The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130626 Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-06-26T19:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130626 Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3382",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130626 Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-3382",
"datePublished": "2013-06-26T19:00:00Z",
"dateReserved": "2013-05-06T00:00:00Z",
"dateUpdated": "2024-09-17T00:35:35.615Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3529
Vulnerability from cvelistv5
Published
2020-10-21 18:35
Modified
2024-11-13 17:50
Severity ?
EPSS score ?
Summary
A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3529",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:27.863718Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:50:14.155Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:35:35",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
}
],
"source": {
"advisory": "cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx",
"defect": [
[
"CSCvu59817"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3529",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL VPN Direct Memory Access Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx",
"defect": [
[
"CSCvu59817"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3529",
"datePublished": "2020-10-21T18:35:35.349798Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:50:14.155Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12673
Vulnerability from cvelistv5
Published
2019-10-02 19:00
Modified
2024-11-19 18:54
Severity ?
EPSS score ?
Summary
A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:22:49.483667Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:54:42.216Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-02T19:00:18",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
}
],
"source": {
"advisory": "cisco-sa-20191002-asa-dos",
"defect": [
[
"CSCvo83169"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-02T16:00:00-0700",
"ID": "CVE-2019-12673",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20191002-asa-dos",
"defect": [
[
"CSCvo83169"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12673",
"datePublished": "2019-10-02T19:00:18.444054Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-19T18:54:42.216Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0653
Vulnerability from cvelistv5
Published
2014-01-08 21:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653 | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90165 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/64708 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/56366 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id/1029570 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/101834 | vdb-entry, x_refsource_OSVDB | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=32363 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:20:19.903Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140107 Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
},
{
"name": "cisco-asa-cve20140653-sec-bypass(90165)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
},
{
"name": "64708",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64708"
},
{
"name": "56366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56366"
},
{
"name": "1029570",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029570"
},
{
"name": "101834",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/101834"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140107 Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
},
{
"name": "cisco-asa-cve20140653-sec-bypass(90165)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
},
{
"name": "64708",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64708"
},
{
"name": "56366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56366"
},
{
"name": "1029570",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029570"
},
{
"name": "101834",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/101834"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140107 Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
},
{
"name": "cisco-asa-cve20140653-sec-bypass(90165)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
},
{
"name": "64708",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64708"
},
{
"name": "56366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56366"
},
{
"name": "1029570",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029570"
},
{
"name": "101834",
"refsource": "OSVDB",
"url": "http://osvdb.org/101834"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-0653",
"datePublished": "2014-01-08T21:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2024-08-06T09:20:19.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3564
Vulnerability from cvelistv5
Published
2020-10-21 18:40
Modified
2024-11-13 17:46
Severity ?
EPSS score ?
Summary
A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.957Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3564",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:13.801577Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:46:31.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:40:58",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
}
],
"source": {
"advisory": "cisco-sa-asaftd-ftpbypass-HY3UTxYu",
"defect": [
[
"CSCvt13445"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3564",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software FTP Inspection Bypass Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-ftpbypass-HY3UTxYu",
"defect": [
[
"CSCvt13445"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3564",
"datePublished": "2020-10-21T18:40:58.904272Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:46:31.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12698
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-19 18:53
Severity ?
EPSS score ?
Summary
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.216Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12698",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:22:43.649754Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:53:53.687Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-02T19:06:48",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
}
],
"source": {
"advisory": "cisco-sa-20191002-asa-ftd-dos",
"defect": [
[
"CSCvp76944"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-02T16:00:00-0700",
"ID": "CVE-2019-12698",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CPU Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20191002-asa-ftd-dos",
"defect": [
[
"CSCvp76944"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12698",
"datePublished": "2019-10-02T19:06:48.792162Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-19T18:53:53.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1579
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 22:51
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:42.747Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-1579",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-1579",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-04-27T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:20.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1578
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 18:38
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:42.850Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-1578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-1578",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-04-27T00:00:00Z",
"dateUpdated": "2024-09-16T18:38:41.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1194
Vulnerability from cvelistv5
Published
2013-04-18 18:00
Modified
2024-08-06 14:57
Severity ?
EPSS score ?
Summary
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194 | vendor-advisory, x_refsource_CISCO | |
| http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:02.944Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130417 Cisco ASA Software VPN Group Enumeration Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"
},
{
"name": "20130418 TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-02T13:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130417 Cisco ASA Software VPN Group Enumeration Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"
},
{
"name": "20130418 TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1194",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130417 Cisco ASA Software VPN Group Enumeration Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"
},
{
"name": "20130418 TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1194",
"datePublished": "2013-04-18T18:00:00",
"dateReserved": "2013-01-11T00:00:00",
"dateUpdated": "2024-08-06T14:57:02.944Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3436
Vulnerability from cvelistv5
Published
2020-10-21 18:36
Modified
2024-11-13 17:48
Severity ?
EPSS score ?
Summary
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:53.979Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3436",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:24.015798Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:48:38.998Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:36:24",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
}
],
"source": {
"advisory": "cisco-sa-asaftd-fileup-dos-zvC7wtys",
"defect": [
[
"CSCvt60190"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3436",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services File Upload Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-fileup-dos-zvC7wtys",
"defect": [
[
"CSCvt60190"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3436",
"datePublished": "2020-10-21T18:36:24.103971Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:48:38.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2816
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 16:43
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/42189 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.064Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42189",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42189"
},
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "42189",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42189"
},
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2816",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42189",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42189"
},
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2816",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-16T16:43:57.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-1385
Vulnerability from cvelistv5
Published
2016-05-26 15:00
Modified
2024-08-05 22:55
Severity ?
EPSS score ?
Summary
The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1035976 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:55:14.319Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1035976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035976"
},
{
"name": "20160517 Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-05-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1035976",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035976"
},
{
"name": "20160517 Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2016-1385",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1035976",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035976"
},
{
"name": "20160517 Cisco Adaptive Security Appliance XML Parser Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2016-1385",
"datePublished": "2016-05-26T15:00:00",
"dateReserved": "2016-01-04T00:00:00",
"dateUpdated": "2024-08-05T22:55:14.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-1573
Vulnerability from cvelistv5
Published
2022-01-11 18:55
Modified
2024-11-06 16:47
Severity ?
EPSS score ?
Summary
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance Software |
Version: unspecified < 6.4.0.13 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:18:10.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-1573",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-06T16:01:58.648981Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-06T16:47:14.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.4.0.13",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Cisco Firepower Threat Defense Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "6.6.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121 Stack-based Buffer Overflow",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-11T18:55:11",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
],
"source": {
"advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
"defect": [
"",
"CSCvy36910"
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T17:38:00.000Z",
"ID": "CVE-2021-1573",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.4.0.13"
}
]
}
},
{
"product_name": "Cisco Firepower Threat Defense Software",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "6.6.5"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-787 Out-of-bounds Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
]
},
"source": {
"advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
"defect": [
"",
"CSCvy36910"
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-1573",
"datePublished": "2022-01-11T18:55:11.325842Z",
"dateReserved": "2020-11-13T00:00:00",
"dateUpdated": "2024-11-06T16:47:14.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1201
Vulnerability from cvelistv5
Published
2009-06-25 17:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/35476 | vdb-entry, x_refsource_BID | |
| https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/504516/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1022457 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/1713 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/35511 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:49.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35476",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35476"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt"
},
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "ADV-2009-1713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN[\u0027process\u0027] to the name of a crafted function, aka Bug ID CSCsy80694."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35476",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35476"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt"
},
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "ADV-2009-1713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN[\u0027process\u0027] to the name of a crafted function, aka Bug ID CSCsy80694."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35476",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35476"
},
{
"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt",
"refsource": "MISC",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt"
},
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "ADV-2009-1713",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1201",
"datePublished": "2009-06-25T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:49.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3555
Vulnerability from cvelistv5
Published
2020-10-21 18:41
Modified
2024-11-13 17:45
Severity ?
EPSS score ?
Summary
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:55.309Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3555",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:22:41.603478Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:45:33.271Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-404",
"description": "CWE-404",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:41:28",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
}
],
"source": {
"advisory": "cisco-sa-asaftd-sipdos-3DGvdjvg",
"defect": [
[
"CSCvu15801"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3555",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-404"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-sipdos-3DGvdjvg",
"defect": [
[
"CSCvu15801"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3555",
"datePublished": "2020-10-21T18:41:28.381068Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:45:33.271Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-6696
Vulnerability from cvelistv5
Published
2013-12-02 22:00
Modified
2024-08-06 17:46
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:46:22.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20131202 Cisco ASA Malformed DNS Reply Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-12-02T21:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20131202 Cisco ASA Malformed DNS Reply Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-6696",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20131202 Cisco ASA Malformed DNS Reply Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-6696",
"datePublished": "2013-12-02T22:00:00",
"dateReserved": "2013-11-07T00:00:00",
"dateUpdated": "2024-08-06T17:46:22.665Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3463
Vulnerability from cvelistv5
Published
2013-08-30 01:00
Modified
2024-08-06 16:07
Severity ?
EPSS score ?
Summary
The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=30607 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/62068 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1028968 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.998Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30607"
},
{
"name": "62068",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/62068"
},
{
"name": "1028968",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028968"
},
{
"name": "20130829 Cisco ASA Protcol Inspection Connection Table Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-08-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-11T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30607"
},
{
"name": "62068",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/62068"
},
{
"name": "1028968",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028968"
},
{
"name": "20130829 Cisco ASA Protcol Inspection Connection Table Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3463",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30607",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30607"
},
{
"name": "62068",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/62068"
},
{
"name": "1028968",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028968"
},
{
"name": "20130829 Cisco ASA Protcol Inspection Connection Table Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-3463",
"datePublished": "2013-08-30T01:00:00",
"dateReserved": "2013-05-06T00:00:00",
"dateUpdated": "2024-08-06T16:07:37.998Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1138
Vulnerability from cvelistv5
Published
2013-02-25 20:00
Modified
2024-09-16 18:49
Severity ?
EPSS score ?
Summary
The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130225 Cisco ASA Connections Table Exhaustion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-02-25T20:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130225 Cisco ASA Connections Table Exhaustion Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1138",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130225 Cisco ASA Connections Table Exhaustion Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1138",
"datePublished": "2013-02-25T20:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-16T18:49:46.498Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3306
Vulnerability from cvelistv5
Published
2020-05-06 16:42
Modified
2024-11-15 17:22
Severity ?
EPSS score ?
Summary
A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:28:32.330739Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:22:34.105Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T16:42:29",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
}
],
"source": {
"advisory": "cisco-sa-asaftd-dos-qk8cTGLz",
"defect": [
[
"CSCvq41939"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-05-06T16:00:00-0700",
"ID": "CVE-2020-3306",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software DHCP Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-dos-qk8cTGLz",
"defect": [
[
"CSCvq41939"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3306",
"datePublished": "2020-05-06T16:42:30.062823Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:22:34.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12693
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-21 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.256Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12693",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:43.425342Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:12:21.527Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-704",
"description": "CWE-704",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-02T19:06:46",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos"
}
],
"source": {
"advisory": "cisco-sa-20191002-asa-scp-dos",
"defect": [
[
"CSCvo51265"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-02T16:00:00-0700",
"ID": "CVE-2019-12693",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-704"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20191002-asa-scp-dos",
"defect": [
[
"CSCvo51265"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12693",
"datePublished": "2019-10-02T19:06:46.417119Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-21T19:12:21.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0394
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65593 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1025108 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/46518 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2011/0494 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/43453 | third-party-advisory, x_refsource_SECUNIA | |
| http://secunia.com/advisories/43488 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2011/0493 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1025109 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:09.078Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "cisco-fwsm-sccp-dos(65593)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65593"
},
{
"name": "1025108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "46518",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46518"
},
{
"name": "ADV-2011-0494",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0494"
},
{
"name": "43453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43453"
},
{
"name": "43488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"name": "1025109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025109"
},
{
"name": "20110223 Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "cisco-fwsm-sccp-dos(65593)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65593"
},
{
"name": "1025108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "46518",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46518"
},
{
"name": "ADV-2011-0494",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0494"
},
{
"name": "43453",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43453"
},
{
"name": "43488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"name": "1025109",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025109"
},
{
"name": "20110223 Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0394",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "cisco-fwsm-sccp-dos(65593)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65593"
},
{
"name": "1025108",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "46518",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46518"
},
{
"name": "ADV-2011-0494",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0494"
},
{
"name": "43453",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43453"
},
{
"name": "43488",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"name": "1025109",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025109"
},
{
"name": "20110223 Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0394",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:09.078Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40117
Vulnerability from cvelistv5
Published
2021-10-27 18:56
Modified
2024-11-07 21:45
Severity ?
EPSS score ?
Summary
A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9 | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.839Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40117",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:44:23.302529Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:45:24.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:56:48",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
}
],
"source": {
"advisory": "cisco-sa-asaftd-dos-4ygzLKU9",
"defect": [
[
"CSCvy43187"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-40117",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-dos-4ygzLKU9",
"defect": [
[
"CSCvy43187"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-40117",
"datePublished": "2021-10-27T18:56:48.507586Z",
"dateReserved": "2021-08-25T00:00:00",
"dateUpdated": "2024-11-07T21:45:24.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12695
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-21 19:12
Severity ?
EPSS score ?
Summary
A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.460Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12695",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-21T18:56:41.790027Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T19:12:12.103Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-02T19:06:47",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
}
],
"source": {
"advisory": "cisco-sa-20191002-asa-xss",
"defect": [
[
"CSCvp33341"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-02T16:00:00-0700",
"ID": "CVE-2019-12695",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191002 Cisco Adaptive Security Appliance and Firepower Threat Defense Software WebVPN Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
}
]
},
"source": {
"advisory": "cisco-sa-20191002-asa-xss",
"defect": [
[
"CSCvp33341"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12695",
"datePublished": "2019-10-02T19:06:47.387950Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-21T19:12:12.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-0655
Vulnerability from cvelistv5
Published
2014-01-08 21:00
Modified
2024-08-06 09:20
Severity ?
EPSS score ?
Summary
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1029575 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/56366 | third-party-advisory, x_refsource_SECUNIA | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655 | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=32362 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/64700 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/101838 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/90164 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T09:20:19.716Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1029575",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029575"
},
{
"name": "56366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56366"
},
{
"name": "20140107 Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32362"
},
{
"name": "64700",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64700"
},
{
"name": "101838",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/101838"
},
{
"name": "cisco-asa-cve20140655-sec-bypass(90164)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90164"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-01-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1029575",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029575"
},
{
"name": "56366",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56366"
},
{
"name": "20140107 Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32362"
},
{
"name": "64700",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64700"
},
{
"name": "101838",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/101838"
},
{
"name": "cisco-asa-cve20140655-sec-bypass(90164)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90164"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-0655",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029575",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029575"
},
{
"name": "56366",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56366"
},
{
"name": "20140107 Cisco Adaptive Security Appliance RADIUS Change of Authorization Message Replay Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32362",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32362"
},
{
"name": "64700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64700"
},
{
"name": "101838",
"refsource": "OSVDB",
"url": "http://osvdb.org/101838"
},
{
"name": "cisco-asa-cve20140655-sec-bypass(90164)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90164"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-0655",
"datePublished": "2014-01-08T21:00:00",
"dateReserved": "2014-01-02T00:00:00",
"dateUpdated": "2024-08-06T09:20:19.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34791
Vulnerability from cvelistv5
Published
2021-10-27 18:56
Modified
2024-11-07 21:43
Severity ?
EPSS score ?
Summary
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34791",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:39:44.922495Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:43:54.507Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "CWE-358",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:56:14",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
],
"source": {
"advisory": "cisco-sa-natalg-bypass-cpKGqkng",
"defect": [
[
"CSCvw35444",
"CSCvx50914"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34791",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-358"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Application Level Gateway Bypass Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
]
},
"source": {
"advisory": "cisco-sa-natalg-bypass-cpKGqkng",
"defect": [
[
"CSCvw35444",
"CSCvx50914"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34791",
"datePublished": "2021-10-27T18:56:15.009931Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:43:54.507Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-40118
Vulnerability from cvelistv5
Published
2021-10-27 18:56
Modified
2024-11-07 21:45
Severity ?
EPSS score ?
Summary
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T02:27:31.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-40118",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:44:22.102613Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:45:17.254Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-121",
"description": "CWE-121",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-01-11T20:25:20",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
],
"source": {
"advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
"defect": [
[
"CSCvy36910",
"CSCvy58278",
"CSCvy89144"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-40118",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
]
},
"source": {
"advisory": "cisco-sa-asafdt-webvpn-dos-KSqJAKPA",
"defect": [
[
"CSCvy36910",
"CSCvy58278",
"CSCvy89144"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-40118",
"datePublished": "2021-10-27T18:56:54.065412Z",
"dateReserved": "2021-08-25T00:00:00",
"dateUpdated": "2024-11-07T21:45:17.254Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1203
Vulnerability from cvelistv5
Published
2009-06-25 17:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/504516/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1022457 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/1713 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/35475 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/35511 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "ADV-2009-1713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35475",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35475"
},
{
"name": "35511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35511"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "ADV-2009-1713",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35475",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35475"
},
{
"name": "35511",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35511"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-1203",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20090624 Trustwave\u0027s SpiderLabs Security Advisory TWSL2009-002",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"name": "1022457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"name": "ADV-2009-1713",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"name": "35475",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35475"
},
{
"name": "35511",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35511"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-1203",
"datePublished": "2009-06-25T17:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-07T05:04:48.991Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1580
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 17:43
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:41.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-1580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-1580",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-04-27T00:00:00Z",
"dateUpdated": "2024-09-16T17:43:02.852Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5415
Vulnerability from cvelistv5
Published
2013-04-16 10:00
Modified
2024-09-17 01:05
Severity ?
EPSS score ?
Summary
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130411 Secondary Flows Lookup Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-16T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130411 Secondary Flows Lookup Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-5415",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130411 Secondary Flows Lookup Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-5415",
"datePublished": "2013-04-16T10:00:00Z",
"dateReserved": "2012-10-17T00:00:00Z",
"dateUpdated": "2024-09-17T01:05:51.612Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3561
Vulnerability from cvelistv5
Published
2020-10-21 18:41
Modified
2024-11-13 17:46
Severity ?
EPSS score ?
Summary
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.980Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3561",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:22:44.032373Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:46:01.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-93",
"description": "CWE-93",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:41:14",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
}
],
"source": {
"advisory": "cisco-sa-asa-ftd-crlf-inj-BX9uRwSn",
"defect": [
[
"CSCvt18028"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3561",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "4.7",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-93"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software WebVPN CRLF Injection Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
}
]
},
"source": {
"advisory": "cisco-sa-asa-ftd-crlf-inj-BX9uRwSn",
"defect": [
[
"CSCvt18028"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3561",
"datePublished": "2020-10-21T18:41:14.587726Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:46:01.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1150
Vulnerability from cvelistv5
Published
2013-04-11 10:00
Modified
2024-09-16 19:05
Severity ?
EPSS score ?
Summary
The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.793Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130410 Multiple Vulnerabilities in Cisco ASA Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
},
{
"name": "20130410 Crafted URL Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-11T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130410 Multiple Vulnerabilities in Cisco ASA Software",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
},
{
"name": "20130410 Crafted URL Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130410 Multiple Vulnerabilities in Cisco ASA Software",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
},
{
"name": "20130410 Crafted URL Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1150",
"datePublished": "2013-04-11T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-16T19:05:09.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-2817
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-17 00:00
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/42190 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:46:48.150Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "42190",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42190"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "42190",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42190"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-2817",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "42190",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42190"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-2817",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-07-23T00:00:00Z",
"dateUpdated": "2024-09-17T00:00:51.683Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-1581
Vulnerability from cvelistv5
Published
2010-08-06 19:31
Modified
2024-09-16 20:23
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/40842 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/42187 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:28:41.612Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"name": "42187",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/42187"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-08-06T19:31:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "40842",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"name": "42187",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/42187"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-1581",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "40842",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/40842"
},
{
"name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"name": "42187",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/42187"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-1581",
"datePublished": "2010-08-06T19:31:00Z",
"dateReserved": "2010-04-27T00:00:00Z",
"dateUpdated": "2024-09-16T20:23:00.522Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3528
Vulnerability from cvelistv5
Published
2020-10-21 18:35
Modified
2024-11-13 17:50
Severity ?
EPSS score ?
Summary
A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:54.684Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3528",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:26.713141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:50:05.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:35:40",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
}
],
"source": {
"advisory": "cisco-sa-asaftd-ospflls-37Xy2q6r",
"defect": [
[
"CSCvt83121"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3528",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software OSPFv2 Link-Local Signaling Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
}
]
},
"source": {
"advisory": "cisco-sa-asaftd-ospflls-37Xy2q6r",
"defect": [
[
"CSCvt83121"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3528",
"datePublished": "2020-10-21T18:35:40.437725Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:50:05.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5569
Vulnerability from cvelistv5
Published
2007-10-18 21:00
Modified
2024-08-07 15:39
Severity ?
EPSS score ?
Summary
Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1018827 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/27193 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/3531 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1018826 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37260 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/26104 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.585Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
},
{
"name": "1018827",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018827"
},
{
"name": "27193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27193"
},
{
"name": "ADV-2007-3531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3531"
},
{
"name": "1018826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018826"
},
{
"name": "cisco-asa-pix-tls-dos(37260)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260"
},
{
"name": "26104",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26104"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
},
{
"name": "1018827",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018827"
},
{
"name": "27193",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27193"
},
{
"name": "ADV-2007-3531",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3531"
},
{
"name": "1018826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018826"
},
{
"name": "cisco-asa-pix-tls-dos(37260)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260"
},
{
"name": "26104",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26104"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20071017 Multiple Vulnerabilities in Cisco PIX and ASA Appliance",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
},
{
"name": "1018827",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018827"
},
{
"name": "27193",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27193"
},
{
"name": "ADV-2007-3531",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3531"
},
{
"name": "1018826",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018826"
},
{
"name": "cisco-asa-pix-tls-dos(37260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260"
},
{
"name": "26104",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26104"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5569",
"datePublished": "2007-10-18T21:00:00",
"dateReserved": "2007-10-18T00:00:00",
"dateUpdated": "2024-08-07T15:39:13.585Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2056
Vulnerability from cvelistv5
Published
2008-06-04 21:00
Modified
2024-08-07 08:49
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42836 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1020178 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/30552 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securitytracker.com/id?1020179 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/1750/references | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:49:56.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
},
{
"name": "cisco-pix-asa-tls-dos(42836)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42836"
},
{
"name": "1020178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020178"
},
{
"name": "30552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30552"
},
{
"name": "1020179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020179"
},
{
"name": "ADV-2008-1750",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1750/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-06-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
},
{
"name": "cisco-pix-asa-tls-dos(42836)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42836"
},
{
"name": "1020178",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020178"
},
{
"name": "30552",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30552"
},
{
"name": "1020179",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020179"
},
{
"name": "ADV-2008-1750",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1750/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-2056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080604 Multiple Vulnerabilities in Cisco PIX and Cisco ASA",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
},
{
"name": "cisco-pix-asa-tls-dos(42836)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42836"
},
{
"name": "1020178",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020178"
},
{
"name": "30552",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30552"
},
{
"name": "1020179",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020179"
},
{
"name": "ADV-2008-1750",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1750/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-2056",
"datePublished": "2008-06-04T21:00:00",
"dateReserved": "2008-05-02T00:00:00",
"dateUpdated": "2024-08-07T08:49:56.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-12265
Vulnerability from cvelistv5
Published
2017-10-05 07:00
Modified
2024-08-05 18:28
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/101170 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id/1039502 | vdb-entry, x_refsource_SECTRACK | |
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | n/a | Cisco Adaptive Security Appliance Software |
Version: Cisco Adaptive Security Appliance Software |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:28:16.790Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "101170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101170"
},
{
"name": "1039502",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039502"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance Software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Cisco Adaptive Security Appliance Software"
}
]
}
],
"datePublic": "2017-10-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-06T09:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "101170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101170"
},
{
"name": "1039502",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039502"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2017-12265",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance Software",
"version": {
"version_data": [
{
"version_value": "Cisco Adaptive Security Appliance Software"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "101170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101170"
},
{
"name": "1039502",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039502"
},
{
"name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1",
"refsource": "CONFIRM",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2017-12265",
"datePublished": "2017-10-05T07:00:00",
"dateReserved": "2017-08-03T00:00:00",
"dateUpdated": "2024-08-05T18:28:16.790Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-0395
Vulnerability from cvelistv5
Published
2011-02-25 11:00
Modified
2024-08-06 21:51
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1025108 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/43488 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2011/0493 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65590 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:09.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "1025108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "43488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"name": "asa-rip-dos(65590)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65590"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "1025108",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "43488",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"name": "asa-rip-dos(65590)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65590"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0395",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110223 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"name": "1025108",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"name": "43488",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43488"
},
{
"name": "ADV-2011-0493",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"name": "asa-rip-dos(65590)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65590"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0395",
"datePublished": "2011-02-25T11:00:00",
"dateReserved": "2011-01-07T00:00:00",
"dateUpdated": "2024-08-06T21:51:09.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3305
Vulnerability from cvelistv5
Published
2020-05-06 16:42
Modified
2024-11-15 17:22
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:30:57.658Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-15T16:28:34.112185Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-15T17:22:45.767Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-05-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-06T16:42:25",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
}
],
"source": {
"advisory": "cisco-sa-asa-dos-P43GCE5j",
"defect": [
[
"CSCvq66092"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-05-06T16:00:00-0700",
"ID": "CVE-2020-3305",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.8",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20200506 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software BGP Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
}
]
},
"source": {
"advisory": "cisco-sa-asa-dos-P43GCE5j",
"defect": [
[
"CSCvq66092"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3305",
"datePublished": "2020-05-06T16:42:25.564579Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-15T17:22:45.767Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3572
Vulnerability from cvelistv5
Published
2020-10-21 18:40
Modified
2024-11-13 17:47
Severity ?
EPSS score ?
Summary
A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:55.499Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3572",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:12:17.463380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:47:00.373Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:40:42",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
}
],
"source": {
"advisory": "cisco-sa-asa-ftd-tcp-dos-N3DMnU4T",
"defect": [
[
"CSCvu46685"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3572",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-400"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Session Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
}
]
},
"source": {
"advisory": "cisco-sa-asa-ftd-tcp-dos-N3DMnU4T",
"defect": [
[
"CSCvu46685"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3572",
"datePublished": "2020-10-21T18:40:42.858255Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:47:00.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-20107
Vulnerability from cvelistv5
Published
2023-03-23 00:00
Modified
2024-10-28 16:31
Severity ?
EPSS score ?
Summary
A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:57:35.883Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20230322 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-20107",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-28T16:24:36.112775Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-28T16:31:56.892Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software ",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2023-03-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. "
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-332",
"description": "CWE-332",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-23T00:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20230322 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
}
],
"source": {
"advisory": "cisco-sa-asa5500x-entropy-6v9bHVYP",
"defect": [
[
"CSCvm90511"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Low-Entropy Keys Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2023-20107",
"datePublished": "2023-03-23T00:00:00",
"dateReserved": "2022-10-27T00:00:00",
"dateUpdated": "2024-10-28T16:31:56.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-12678
Vulnerability from cvelistv5
Published
2019-10-02 19:06
Modified
2024-11-19 18:54
Severity ?
EPSS score ?
Summary
A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: unspecified < n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T23:24:39.128Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-12678",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-19T17:22:47.740939Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T18:54:30.563Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"lessThan": "n/a",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"datePublic": "2019-10-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-191",
"description": "CWE-191",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-10-02T19:06:39",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
}
],
"source": {
"advisory": "cisco-sa-20191002-asa-ftd-sip-dos",
"defect": [
[
"CSCvp45882"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-10-02T16:00:00-0700",
"ID": "CVE-2019-12678",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"affected": "\u003c",
"version_affected": "\u003c",
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-191"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191002 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
}
]
},
"source": {
"advisory": "cisco-sa-20191002-asa-ftd-sip-dos",
"defect": [
[
"CSCvp45882"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-12678",
"datePublished": "2019-10-02T19:06:40.050263Z",
"dateReserved": "2019-06-04T00:00:00",
"dateUpdated": "2024-11-19T18:54:30.563Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1199
Vulnerability from cvelistv5
Published
2013-04-18 18:00
Modified
2024-09-17 01:35
Severity ?
EPSS score ?
Summary
Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1199 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:57:04.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130417 Cisco ASA Clientless SSL VPN CIFS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1199"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-04-18T18:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130417 Cisco ASA Clientless SSL VPN CIFS Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1199"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1199",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130417 Cisco ASA Clientless SSL VPN CIFS Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1199"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1199",
"datePublished": "2013-04-18T18:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T01:35:49.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2631
Vulnerability from cvelistv5
Published
2009-12-04 11:00
Modified
2024-08-07 05:59
Severity ?
EPSS score ?
Summary
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:59:56.986Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "37786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf"
},
{
"name": "20091202 Same-origin policy bypass vulnerabilities in several VPN products reported",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508164/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=984744"
},
{
"name": "VU#261869",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/261869"
},
{
"name": "37152",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37152"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html"
},
{
"name": "ADV-2009-3569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3569"
},
{
"name": "20060608 SSL VPNs and security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2006/Jun/238"
},
{
"name": "1023255",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023255"
},
{
"name": "ADV-2009-3571",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3571"
},
{
"name": "20060609 Re: SSL VPNs and security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2006/Jun/269"
},
{
"name": "37788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37788"
},
{
"name": "37696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37696"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sonicwall.com/us/2123_14882.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.sonicwall.com/us/2123_14883.html"
},
{
"name": "ADV-2009-3570",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3570"
},
{
"name": "sslvpn-sameorigin-security-bypass(54523)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54523"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/KB15799"
},
{
"name": "20060609 Re: SSL VPNs and security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2006/Jun/270"
},
{
"name": "ADV-2009-3568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3568"
},
{
"name": "ADV-2009-3567",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3567"
},
{
"name": "37789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37789"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN\u0027s domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "37786",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf"
},
{
"name": "20091202 Same-origin policy bypass vulnerabilities in several VPN products reported",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508164/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=984744"
},
{
"name": "VU#261869",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/261869"
},
{
"name": "37152",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37152"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html"
},
{
"name": "ADV-2009-3569",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3569"
},
{
"name": "20060608 SSL VPNs and security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2006/Jun/238"
},
{
"name": "1023255",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023255"
},
{
"name": "ADV-2009-3571",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3571"
},
{
"name": "20060609 Re: SSL VPNs and security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2006/Jun/269"
},
{
"name": "37788",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37788"
},
{
"name": "37696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37696"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sonicwall.com/us/2123_14882.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.sonicwall.com/us/2123_14883.html"
},
{
"name": "ADV-2009-3570",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3570"
},
{
"name": "sslvpn-sameorigin-security-bypass(54523)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54523"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/KB15799"
},
{
"name": "20060609 Re: SSL VPNs and security",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2006/Jun/270"
},
{
"name": "ADV-2009-3568",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3568"
},
{
"name": "ADV-2009-3567",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3567"
},
{
"name": "37789",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37789"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2009-2631",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN\u0027s domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "37786",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37786"
},
{
"name": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf",
"refsource": "CONFIRM",
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf"
},
{
"name": "20091202 Same-origin policy bypass vulnerabilities in several VPN products reported",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508164/100/0/threaded"
},
{
"name": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=984744",
"refsource": "CONFIRM",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=984744"
},
{
"name": "VU#261869",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/261869"
},
{
"name": "37152",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37152"
},
{
"name": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html",
"refsource": "CONFIRM",
"url": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html"
},
{
"name": "ADV-2009-3569",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3569"
},
{
"name": "20060608 SSL VPNs and security",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2006/Jun/238"
},
{
"name": "1023255",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023255"
},
{
"name": "ADV-2009-3571",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3571"
},
{
"name": "20060609 Re: SSL VPNs and security",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2006/Jun/269"
},
{
"name": "37788",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37788"
},
{
"name": "37696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37696"
},
{
"name": "http://www.sonicwall.com/us/2123_14882.html",
"refsource": "CONFIRM",
"url": "http://www.sonicwall.com/us/2123_14882.html"
},
{
"name": "http://www.sonicwall.com/us/2123_14883.html",
"refsource": "CONFIRM",
"url": "http://www.sonicwall.com/us/2123_14883.html"
},
{
"name": "ADV-2009-3570",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3570"
},
{
"name": "sslvpn-sameorigin-security-bypass(54523)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54523"
},
{
"name": "http://kb.juniper.net/KB15799",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/KB15799"
},
{
"name": "20060609 Re: SSL VPNs and security",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2006/Jun/270"
},
{
"name": "ADV-2009-3568",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3568"
},
{
"name": "ADV-2009-3567",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3567"
},
{
"name": "37789",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37789"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2009-2631",
"datePublished": "2009-12-04T11:00:00",
"dateReserved": "2009-07-28T00:00:00",
"dateUpdated": "2024-08-07T05:59:56.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-3599
Vulnerability from cvelistv5
Published
2020-10-21 18:37
Modified
2024-11-13 17:47
Severity ?
EPSS score ?
Summary
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:37:55.524Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-3599",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T17:22:48.235983Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T17:47:37.847Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2020-10-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-21T18:37:07",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp"
}
],
"source": {
"advisory": "cisco-sa-asa-rxss-L54Htxp",
"defect": [
[
"CSCvv33712"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2020-10-21T16:00:00",
"ID": "CVE-2020-3599",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "6.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20201021 Cisco Adaptive Security Appliance Software Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp"
}
]
},
"source": {
"advisory": "cisco-sa-asa-rxss-L54Htxp",
"defect": [
[
"CSCvv33712"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2020-3599",
"datePublished": "2020-10-21T18:37:07.784357Z",
"dateReserved": "2019-12-12T00:00:00",
"dateUpdated": "2024-11-13T17:47:37.847Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-34793
Vulnerability from cvelistv5
Published
2021-10-27 18:56
Modified
2024-11-07 21:45
Severity ?
EPSS score ?
Summary
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T00:19:48.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2021-34793",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-07T21:44:27.592582Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-07T21:45:43.962Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2021-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-924",
"description": "CWE-924",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-27T18:56:26",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
}
],
"source": {
"advisory": "cisco-sa-asa-ftd-dos-JxYWMJyL",
"defect": [
[
"CSCvx46296"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2021-10-27T16:00:00",
"ID": "CVE-2021-34793",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "8.6",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-924"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20211027 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Transparent Mode Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
}
]
},
"source": {
"advisory": "cisco-sa-asa-ftd-dos-JxYWMJyL",
"defect": [
[
"CSCvx46296"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2021-34793",
"datePublished": "2021-10-27T18:56:26.248036Z",
"dateReserved": "2021-06-15T00:00:00",
"dateUpdated": "2024-11-07T21:45:43.962Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-3414
Vulnerability from cvelistv5
Published
2013-07-25 15:00
Modified
2024-08-06 16:07
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/95660 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/85949 | vdb-entry, x_refsource_XF | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=30214 | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id/1028831 | vdb-entry, x_refsource_SECTRACK | |
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3414 | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:07:37.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95660"
},
{
"name": "cisco-asa-cve20133414-xss(85949)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85949"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30214"
},
{
"name": "1028831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1028831"
},
{
"name": "20130724 Cisco ASA Software Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3414"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "95660",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95660"
},
{
"name": "cisco-asa-cve20133414-xss(85949)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85949"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30214"
},
{
"name": "1028831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1028831"
},
{
"name": "20130724 Cisco ASA Software Cross-Site Scripting Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3414"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-3414",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95660",
"refsource": "OSVDB",
"url": "http://osvdb.org/95660"
},
{
"name": "cisco-asa-cve20133414-xss(85949)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85949"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30214",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30214"
},
{
"name": "1028831",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1028831"
},
{
"name": "20130724 Cisco ASA Software Cross-Site Scripting Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3414"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-3414",
"datePublished": "2013-07-25T15:00:00",
"dateReserved": "2013-05-06T00:00:00",
"dateUpdated": "2024-08-06T16:07:37.940Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-15992
Vulnerability from cvelistv5
Published
2020-09-23 00:27
Modified
2024-11-13 18:47
Severity ?
EPSS score ?
Summary
A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.
References
| ▼ | URL | Tags |
|---|---|---|
| https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce | vendor-advisory, x_refsource_CISCO |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Cisco | Cisco Adaptive Security Appliance (ASA) Software |
Version: n/a |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T01:03:32.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20191112 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-15992",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T18:46:49.657176Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T18:47:14.541Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Adaptive Security Appliance (ASA) Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2019-11-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-23T00:27:04",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20191112 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
}
],
"source": {
"advisory": "cisco-sa-20191112-asa-ftd-lua-rce",
"defect": [
[
"CSCvr85295",
"CSCvr96680"
]
],
"discovery": "INTERNAL"
},
"title": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"DATE_PUBLIC": "2019-11-12T13:15:00",
"ID": "CVE-2019-15992",
"STATE": "PUBLIC",
"TITLE": "Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cisco Adaptive Security Appliance (ASA) Software",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "Cisco"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device."
}
]
},
"exploit": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability described in this advisory."
}
],
"impact": {
"cvss": {
"baseScore": "7.2",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20191112 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
}
]
},
"source": {
"advisory": "cisco-sa-20191112-asa-ftd-lua-rce",
"defect": [
[
"CSCvr85295",
"CSCvr96680"
]
],
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2019-15992",
"datePublished": "2020-09-23T00:27:04.203191Z",
"dateReserved": "2019-09-06T00:00:00",
"dateUpdated": "2024-11-13T18:47:14.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4312
Vulnerability from cvelistv5
Published
2006-08-23 22:00
Modified
2024-08-07 19:06
Severity ?
EPSS score ?
Summary
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/3367 | vdb-entry, x_refsource_VUPEN | |
| http://securitytracker.com/id?1016740 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/19681 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/28143 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1016738 | vdb-entry, x_refsource_SECTRACK | |
| http://securitytracker.com/id?1016739 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28540 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/21616 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.253Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-3367",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3367"
},
{
"name": "1016740",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016740"
},
{
"name": "20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml"
},
{
"name": "19681",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19681"
},
{
"name": "28143",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/28143"
},
{
"name": "1016738",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016738"
},
{
"name": "1016739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016739"
},
{
"name": "cisco-pix-password-modification(28540)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540"
},
{
"name": "21616",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21616"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a \"non-random value\" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-3367",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3367"
},
{
"name": "1016740",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016740"
},
{
"name": "20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml"
},
{
"name": "19681",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19681"
},
{
"name": "28143",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/28143"
},
{
"name": "1016738",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016738"
},
{
"name": "1016739",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016739"
},
{
"name": "cisco-pix-password-modification(28540)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540"
},
{
"name": "21616",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21616"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a \"non-random value\" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-3367",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3367"
},
{
"name": "1016740",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016740"
},
{
"name": "20060823 Unintentional Password Modification Vulnerability in Cisco Firewall Products",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml"
},
{
"name": "19681",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19681"
},
{
"name": "28143",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/28143"
},
{
"name": "1016738",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016738"
},
{
"name": "1016739",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016739"
},
{
"name": "cisco-pix-password-modification(28540)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540"
},
{
"name": "21616",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21616"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4312",
"datePublished": "2006-08-23T22:00:00",
"dateReserved": "2006-08-23T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.253Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | asa_5512-x_firmware | 009.008\(004.025\) | |
| cisco | asa_5512-x | - | |
| cisco | asa_5505_firmware | 009.008\(004.025\) | |
| cisco | asa_5505 | - | |
| cisco | asa_5515-x_firmware | 009.008\(004.025\) | |
| cisco | asa_5515-x | - | |
| cisco | asa_5525-x_firmware | 009.008\(004.025\) | |
| cisco | asa_5525-x | - | |
| cisco | asa_5545-x_firmware | 009.008\(004.025\) | |
| cisco | asa_5545-x | - | |
| cisco | asa_5555-x_firmware | 009.008\(004.025\) | |
| cisco | asa_5555-x | - | |
| cisco | asa_5580_firmware | 009.008\(004.025\) | |
| cisco | asa_5580 | - | |
| cisco | asa_5585-x_firmware | 009.008\(004.025\) | |
| cisco | asa_5585-x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
"versionEndExcluding": "9.8.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
"versionEndExcluding": "6.4.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "796D02D8-AD57-49E8-93F6-5CC0E4D2F883",
"versionEndExcluding": "9.12.4.29",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "333EFE8A-1514-4F7A-BBF4-876DC1B2E5A4",
"versionEndExcluding": "9.14.3.9",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
"versionEndExcluding": "9.15.1.17",
"versionStartIncluding": "9.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
"versionEndExcluding": "9.16.2.3",
"versionStartIncluding": "9.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A8A0AC98-6994-4055-99FC-C24E7DD2964D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "325AF17C-5C97-44CC-9F72-E077E2E5968C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FC3C43A2-BFA1-4A53-8D7B-0270050D3CE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CC7F335-8D93-408F-A9B6-427AEC590BE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "50319E62-91FD-40EC-98C0-F2ADB51EA8B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73A3286F-B9A7-407C-A08A-C4BBF6EAF03D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4205DEA9-C321-4845-B86A-07EABA461DD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.008\\(004.025\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6D8296D0-BEE7-4788-AE23-E880345CD06A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software operating in transparent mode could allow an unauthenticated, remote attacker to poison MAC address tables, resulting in a denial of service (DoS) vulnerability. This vulnerability is due to incorrect handling of certain TCP segments when the affected device is operating in transparent mode. An attacker could exploit this vulnerability by sending a crafted TCP segment through an affected device. A successful exploit could allow the attacker to poison the MAC address tables in adjacent devices, resulting in network disruption."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Normalizador TCP del software Cisco Adaptive Security Appliance (ASA) y del software Firepower Threat Defense (FTD) que funciona en modo transparente podr\u00eda permitir a un atacante remoto no autenticado envenenar las tablas de direcciones MAC, lo que provocar\u00eda una vulnerabilidad de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al manejo incorrecto de determinados segmentos TCP cuando el dispositivo afectado est\u00e1 operando en modo transparente. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un segmento TCP dise\u00f1ado mediante un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante envenenar las tablas de direcciones MAC en los dispositivos adyacentes, resultando en una interrupci\u00f3n de la red"
}
],
"id": "CVE-2021-34793",
"lastModified": "2024-11-21T06:11:13.063",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.563",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-dos-JxYWMJyL"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-924"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-924"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-08 21:55
Modified
2024-11-21 02:02
Severity ?
Summary
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332."
},
{
"lang": "es",
"value": "La funcionalidad Identity Firewall (IDFW) en Cisco Adaptive Security Appliance (ASA) Software permite a atacantes remotos cambiar el contenido de la cach\u00e9 de usuario a trav\u00e9s de un ataque de repetici\u00f3n que involucra mensajes manipulados RADIUS Change of Authorization (CoA), tambi\u00e9n conocido como Bug ID CSCuj45332."
}
],
"id": "CVE-2014-0655",
"lastModified": "2024-11-21T02:02:35.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-01-08T21:55:06.333",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/101838"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/56366"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32362"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64700"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029575"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/101838"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32362"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64700"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029575"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90164"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-23 01:15
Modified
2024-11-26 16:09
Severity ?
Summary
A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94146309-66F7-4349-83CF-7969E13F3A7A",
"versionEndExcluding": "9.6.4.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7734DDF0-8B78-4204-9C44-98A80F01CF87",
"versionEndExcluding": "9.8.4.15",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "83755BBD-15E6-44F9-976A-926B6639EBE4",
"versionEndExcluding": "9.9.2.61",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9B6D76A5-C479-4588-A571-B2E8268A3139",
"versionEndExcluding": "9.10.1.32",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1419728-88C1-49C2-B269-5D2353E109D1",
"versionEndExcluding": "9.12.3",
"versionStartIncluding": "9.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2EECA0E3-5C6E-41C1-AEA5-CE82ABEAC4FE",
"versionEndExcluding": "9.13.1.4",
"versionStartIncluding": "9.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D4AA06A-42DA-43F8-94D5-3035AFF4FEF1",
"versionEndExcluding": "9.14.2.7",
"versionStartIncluding": "9.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DE9FD6FC-FA97-41EB-B75B-E2D0A6481D96",
"versionEndExcluding": "9.15.1.4",
"versionStartIncluding": "9.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EABB3BD-4AF7-4FC1-9090-19B07F1B578D",
"versionEndExcluding": "6.2.3.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7960516D-9A46-41EE-A0FE-E139A64DD62C",
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "970816D7-3FC8-430A-BEFB-D8F3E5F84301",
"versionEndExcluding": "6.4.0.7",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:secure_firewall_management_center:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC14B4B-D535-49DF-ABA2-BB4057A4BC47",
"versionEndExcluding": "6.5.0.2",
"versionStartIncluding": "6.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E239E86-8CC7-4BE1-BE5F-AF623DB68058",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. The vulnerability is due to insufficient restrictions on the allowed Lua function calls within the context of user-supplied Lua scripts. A successful exploit could allow the attacker to trigger a heap overflow condition and execute arbitrary code with root privileges on the underlying Linux operating system of an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del int\u00e9rprete Lua integrado en Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto autenticado ejecutar c\u00f3digo arbitrario con privilegios root en el sistema operativo Linux subyacente de un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a restricciones insuficientes en las llamadas a funciones Lua permitidas dentro del contexto de los scripts Lua suministrados por el usuario.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante desencadenar una condici\u00f3n de desbordamiento de la pila y ejecutar c\u00f3digo arbitrario con privilegios root en el sistema operativo Linux subyacente de un dispositivo afectado"
}
],
"id": "CVE-2019-15992",
"lastModified": "2024-11-26T16:09:02.407",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-23T01:15:13.333",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191112-asa-ftd-lua-rce"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | asa_5512-x_firmware | 009.008 | |
| cisco | asa_5512-x_firmware | 009.015 | |
| cisco | asa_5512-x | - | |
| cisco | asa_5505_firmware | 009.008 | |
| cisco | asa_5505_firmware | 009.015 | |
| cisco | asa_5505 | - | |
| cisco | asa_5515-x_firmware | 009.008 | |
| cisco | asa_5515-x_firmware | 009.015 | |
| cisco | asa_5515-x | - | |
| cisco | asa_5525-x_firmware | 009.008 | |
| cisco | asa_5525-x_firmware | 009.015 | |
| cisco | asa_5525-x | - | |
| cisco | asa_5545-x_firmware | 009.008 | |
| cisco | asa_5545-x_firmware | 009.015 | |
| cisco | asa_5545-x | - | |
| cisco | asa_5555-x_firmware | 009.008 | |
| cisco | asa_5555-x_firmware | 009.015 | |
| cisco | asa_5555-x | - | |
| cisco | asa_5580_firmware | 009.008 | |
| cisco | asa_5580_firmware | 009.015 | |
| cisco | asa_5580 | - | |
| cisco | asa_5585-x_firmware | 009.008 | |
| cisco | asa_5585-x_firmware | 009.015 | |
| cisco | asa_5585-x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
"versionEndExcluding": "9.8.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
"versionEndExcluding": "6.4.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
"versionEndExcluding": "6.7.0.2",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B10BB7F0-1CC7-4331-A05C-3C20B0584C04",
"versionEndExcluding": "9.12.4.29",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "185792EB-E12D-4ABD-938F-68EB7F65FA3C",
"versionEndExcluding": "9.14.2.15",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DA106A-A2D9-4F9F-AF9B-88F67A8589FC",
"versionEndExcluding": "9.15.1.15",
"versionStartIncluding": "9.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8EAF9E-15BB-4565-A131-B0B3F9E98B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "D81100E4-D5B3-4953-9EB3-A4335A96B0FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "446D3F11-4E33-417E-8BC5-A0ADA2336748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "EF62190B-96EE-4295-BF8B-5A8F65876979",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "649BB8A1-7665-4312-9D34-8823CD8031B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "2008D416-C0D8-41DB-9088-553665643A4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4DC944-D1C0-400F-92A2-852BED71210C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB81E9A-3CFF-406A-83D3-A62A650D1583",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1951B0-E631-475B-9AC2-DD3EFC842D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "D5054127-B933-4FBB-87D9-F90168ADE8A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCA70F5-B62E-449E-BFB5-FE52039A43CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "603C4110-1A74-4698-9882-F23FF05803BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B105A6-008E-46E4-8789-C718962C1F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB5240E-52F4-4A1E-8B5B-25A6446A2BF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "C662CBD3-FA7F-4BD4-8867-9796B38926A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "1234B4DC-4C8E-48B5-BD05-01843C8083D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la Puerta de Enlace de Nivel de Aplicaci\u00f3n (ALG) para la funcionalidad Network Address Translation (NAT) del software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante remoto no autenticado omitir el ALG y abrir conexiones no autorizadas con un host situado detr\u00e1s del ALG. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso. Nota: Estas vulnerabilidades han sido discutidas p\u00fablicamente como NAT Slipstreaming"
}
],
"id": "CVE-2021-34790",
"lastModified": "2024-11-21T06:11:12.577",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.400",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-358"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
"versionEndExcluding": "9.8.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
"versionEndExcluding": "6.4.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C27A64DD-7126-4F45-80D4-5B98C3DB6D77",
"versionEndExcluding": "9.12.4.25",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "147207F3-6036-46DC-A83C-B135326DF7D4",
"versionEndExcluding": "9.14.3.1",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
"versionEndExcluding": "9.15.1.17",
"versionStartIncluding": "9.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9F046A32-A3BA-4B48-874F-2C52D080166B",
"versionEndExcluding": "9.16.1.28",
"versionStartIncluding": "9.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "97B47994-6866-46A5-8D07-FD7FAA3CA1A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "417AE369-7A93-47A0-AA9E-07B88CE7BFD6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "09C56CAF-9DA5-4233-A7B2-F5D7D26B7BA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "98D4B188-126E-4245-B23A-569941C75932",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "2C19AB1B-9190-4FE4-BC1C-762C126182F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "5926D2D6-A03E-4D33-8ADA-C06A3ED2CA6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5B7754-8875-429A-92CB-EC05B64464F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "DD83127F-7033-4136-8BAF-2677ED6A2B95",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "6496BFCA-1195-4840-974E-AE6A1E22248E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "F16D0BB8-A495-416B-A5D4-2C4C285C0810",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "E3768B18-0A51-4CD4-8E25-4502CA924325",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "255DCB68-68EE-4B5A-9D5B-C8BC0ECB0317",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "60ED0532-A2B6-4CDF-A878-78863281718B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "65458D9C-7E2B-4205-9635-2B1542A15A05",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.009:*:*:*:*:*:*:*",
"matchCriteriaId": "B679AA95-7B72-4F52-A0CF-F3D404468D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.012:*:*:*:*:*:*:*",
"matchCriteriaId": "6EA45A41-CF74-4D9F-A6DA-06AAFDE1D66E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the identity-based firewall (IDFW) rule processing feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass security protections. This vulnerability is due to improper handling of network requests by affected devices configured to use object group search. An attacker could exploit this vulnerability by sending a specially crafted network request to an affected device. A successful exploit could allow the attacker to bypass access control list (ACL) rules on the device, bypass security protections, and send network traffic to unauthorized hosts."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad de procesamiento de reglas del firewall basado en la identidad (IDFW) del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado omitir las protecciones de seguridad. Esta vulnerabilidad es debido al manejo inapropiado de las peticiones de red por parte de los dispositivos afectados configurados para usar la b\u00fasqueda de grupos de objetos. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n de red especialmente dise\u00f1ada a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante omitir las reglas de la lista de control de acceso (ACL) en el dispositivo, omitir las protecciones de seguridad y enviar tr\u00e1fico de red a hosts no autorizados"
}
],
"id": "CVE-2021-34787",
"lastModified": "2024-11-21T06:11:12.123",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.347",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rule-bypass-ejjOgQEY"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-183"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-755"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
"versionEndExcluding": "9.6.4.45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
"versionEndExcluding": "6.3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B21DFF6A-F104-4636-9372-8F94AED29354",
"versionEndExcluding": "9.8.4.22",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
"versionEndExcluding": "9.10.1.44",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A295D790-92A2-43E1-805B-EB033E8DFA27",
"versionEndExcluding": "9.12.3.12",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00E5D38D-07C2-4543-96B0-7FB9582A37FB",
"versionEndExcluding": "9.13.1.12",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCB8C11-7C49-472E-A003-DCEC9071D00F",
"versionEndExcluding": "9.14.1.10",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition. Note: This vulnerability applies to IP Version 4 (IPv4) and IP Version 6 (IPv6) HTTP traffic."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz web de Cisco Adaptive Security Appliance (ASA) Software y Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar que un dispositivo afectado se recargue inesperadamente, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una falta de comprobaci\u00f3n apropiada de entrada de las peticiones HTTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTP dise\u00f1ada hacia un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n podr\u00eda permitir al atacante causar una condici\u00f3n de DoS.\u0026#xa0;Nota: Esta vulnerabilidad se aplica al tr\u00e1fico HTTP IP versi\u00f3n 4 (IPv4) e IP versi\u00f3n 6 (IPv6)"
}
],
"id": "CVE-2020-3304",
"lastModified": "2024-11-21T05:30:46.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:15.623",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webdos-fBzM5Ynw"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "149E9B2D-1E8D-481B-B4C2-687723A78CE5",
"versionEndExcluding": "9.6.4.43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
"versionEndIncluding": "6.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6AD3C10-9525-4D50-BAF4-1989B3763ED5",
"versionEndExcluding": "9.8.4.24",
"versionStartIncluding": "9.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7036D010-F764-4899-A7B3-456084FC1392",
"versionEndExcluding": "9.10.1.43",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A573BF-C6E7-4985-9B93-928584F7A986",
"versionEndExcluding": "9.12.4.2",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
"versionEndExcluding": "9.14.1.19",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a watchdog timeout and crash during the cleanup of threads that are associated with a SIP connection that is being deleted from the connection list. An attacker could exploit this vulnerability by sending a high rate of crafted SIP traffic through an affected device. A successful exploit could allow the attacker to cause a watchdog timeout and crash, resulting in a crash and reload of the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso de inspecci\u00f3n SIP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar un bloqueo y la recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio ( DoS).\u0026#xa0;La vulnerabilidad es debido a un tiempo de espera del watchdog y un bloqueo durante la limpieza de los subprocesos que est\u00e1n asociados con una conexi\u00f3n SIP que est\u00e1 siendo eliminada de la lista de conexiones.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico SIP dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar un tiempo de espera del watchdog y un bloqueo, resultando en un bloqueo y la recarga del dispositivo afectado"
}
],
"id": "CVE-2020-3555",
"lastModified": "2024-11-21T05:31:18.387",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:17.513",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sipdos-3DGvdjvg"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-404"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-23 22:04
Modified
2024-11-21 00:15
Severity ?
Summary
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | pix_firewall_501 | * | |
| cisco | pix_firewall_506 | * | |
| cisco | pix_firewall_515 | * | |
| cisco | pix_firewall_515e | * | |
| cisco | pix_firewall_520 | * | |
| cisco | pix_firewall_525 | * | |
| cisco | pix_firewall_535 | * | |
| cisco | pix_firewall_software | 6.3 | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "151D5A44-2D0D-478A-B011-A0892817B814",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "286199EA-71CF-46B4-9131-F1752C2EA82D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a \"non-random value\" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access."
},
{
"lang": "es",
"value": "Cisco PIX 500 Series Security Appliances y ASA 5500 Series Adaptive Security Appliances, cuando ejecutan 7.0(x) hasta 7.0(5) y 7.1(x) hasta 7.1(2.4), y el Firewall Services Module (FWSM) 3.1(x) hasta 3.1(1.6), provoca que la contrase\u00f1a EXEC, las contrase\u00f1as de usuario local, y la contrase\u00f1a de activaci\u00f3n se cambien a un \"valor no aleatorio\" bajo determinadas circunstancias, lo que provoca un bloqueo a los administradores y podr\u00eda permitir a los atacantes obtener acceso."
}
],
"id": "CVE-2006-4312",
"lastModified": "2024-11-21T00:15:38.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.1,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-23T22:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/21616"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016738"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016739"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016740"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/28143"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19681"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/3367"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/21616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016738"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016739"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060823-firewall.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/28143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19681"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/3367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28540"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-02-25 20:55
Modified
2024-11-21 01:48
Severity ?
Summary
The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "15ECB359-7290-4732-96F2-AFCEE21C7899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "88102B08-48E8-48FD-81E9-FAF717D6BE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3DA2F01C-ECF1-477B-A413-75D0EB817079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9649696-DE81-48C7-A276-17E1ECADAD5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F4EA382-848E-4FE8-AE03-5DDDDBE88C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "538B700C-AA95-4D63-8148-E4D5ED08CE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61DD640A-120F-487D-B364-66B69C962A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7632C245-04C6-4E78-87B7-55CCCA6FD6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E84099EB-2535-4A9F-8355-FF937CFBD122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C599F894-DAD2-4231-8BB8-1427E7C02D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F60C12-71C9-47C6-B43F-A0374419D736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1C853CD9-F451-406E-A515-3BDC34E55639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7C28DC-B15F-486B-96F1-D08529B7374A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B03A1408-A55A-4482-B239-B13094B13BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*",
"matchCriteriaId": "62DC7025-F067-45CB-BEA6-ED16A5BD2896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2649C78C-D742-4E6F-950F-54BF7CF797C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "469CFE0C-6319-46F3-8D31-4850F5E6A830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4333600F-0277-4D6C-922E-53FA01CF3C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35AFDFE9-CCC9-453B-A081-939D1D554379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C82C545-6796-4B67-A97D-0435D41C63C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA336EBF-FA9A-4B80-A486-446A1C4B72F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B53107-BCD0-4D3E-B090-91D6BD6139C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C926091-D9A6-4264-8E9A-52AFCBC09D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D55D3385-FEE7-44AA-A65A-50924FDC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD3AD5D9-DD5E-4D31-9F11-94A6147F59A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FC1CE86-6FD4-44D4-A3E6-D49B9CAAA0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F0864E8-E9C5-498D-84F4-4DE02FF4852A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E853B8BF-07F5-46DF-8DEA-302F68B8B086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "364CA0EA-F85E-4C4B-96D8-A7256F413844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67AB954E-D1F4-4B29-B782-2E9917D82DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA3389C-86FE-45F7-97D7-E3386403944F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "788C1177-EA1F-4C89-B4D2-C3939C45472C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31E7CB8A-17DF-43EB-9BCB-F2E5293C949F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAFE1219-5B88-4A41-B1FA-0E3BA9FDA14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04B97D0B-974E-48E7-A5F1-AB572ACB7829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2185ED62-166C-4F43-ACA2-C1EF43C48D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "785388F5-E76A-4762-B498-35F69CE537AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22E1D918-A52E-4892-9D0D-EE3E21853BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "333BCB8C-5B17-4EF7-9BFF-0F6B038BE38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA8018B5-4392-4D14-A017-80D325FBCB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
"matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C15D1F6-997D-47FD-A654-AEF3332E6105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5990B883-0B5A-44F0-B4DC-8031ED0F2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*",
"matchCriteriaId": "E5A002AD-3EB0-43CB-AFAF-4A44DAF11007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7F417BC-5835-4F29-8DB6-03A62B7B2364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B9E87F3D-669C-4451-A4C4-E8FE04769248",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5\\(1.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4154E951-DE5D-4D48-B5BA-B3CCDDA3FBA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04C8C6E9-D5C3-42DC-B431-9097B2FCCB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75B5CF41-7F01-4AE9-B54B-8DB6909504B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The NAT process on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (connections-table memory consumption) via crafted packets, aka Bug ID CSCue46386."
},
{
"lang": "es",
"value": "El proceso de NAT en Cisco Adaptive Security Appliances (ASA) de dispositivos permite a atacantes remotos provocar una denegaci\u00f3n de servicio (tabla de conexiones, consumo de memoria) a trav\u00e9s de paquetes hechos a mano, tambi\u00e9n conocido como Bug ID CSCue46386."
}
],
"id": "CVE-2013-1138",
"lastModified": "2024-11-21T01:48:58.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-02-25T20:55:01.003",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1138"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D2F5B96-8C64-4A50-9C63-93AC36383DB1",
"versionEndExcluding": "9.12.4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
"versionEndIncluding": "6.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "961753A1-2ECF-47EA-87AE-B81CC1D29599",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD8BF1D-E300-461E-99C5-E191BE4173C2",
"versionEndExcluding": "9.14.1.30",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory exhaustion condition. An attacker could exploit this vulnerability by sending a high rate of crafted TCP traffic through an affected device. A successful exploit could allow the attacker to exhaust device resources, resulting in a DoS condition for traffic transiting the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el procesamiento de paquetes TCP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una condici\u00f3n de agotamiento de la memoria.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una alta tasa de tr\u00e1fico TCP dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar los recursos del dispositivo, resultando en una condici\u00f3n de DoS para el tr\u00e1fico que transita por el dispositivo afectado"
}
],
"id": "CVE-2020-3554",
"lastModified": "2024-11-21T05:31:18.257",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:17.420",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-QFcNEPfx"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AED88F6A-9C56-4005-B809-00E5637CCA27",
"versionEndExcluding": "9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
"versionEndExcluding": "6.3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
"versionEndExcluding": "9.8.4.26",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
"versionEndExcluding": "9.10.1.44",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
"versionEndExcluding": "9.12.4.4",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
"versionEndExcluding": "9.14.1.19",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n OSPF versi\u00f3n 2 (OSPFv2) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar la recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una comprobaci\u00f3n de entrada incompleta cuando el software afectado procesa ciertos paquetes OSPFv2 con datos Link-Local Signaling (LLS).\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete OSPFv2 malformado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar que un dispositivo afectado se recargue, resultando en una condici\u00f3n de DoS"
}
],
"id": "CVE-2020-3528",
"lastModified": "2024-11-21T05:31:15.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:16.887",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospflls-37Xy2q6r"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6AAC19-8632-4541-BD46-F9F061F4F145",
"versionEndExcluding": "9.6.4.30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C812C8D5-3159-434C-8B9F-8CB0A8767923",
"versionEndExcluding": "9.8.4",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ABCD2AF8-97D4-45C6-B80E-D5FA9B719BD5",
"versionEndExcluding": "9.9.2.50",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "486AA0A4-E271-413E-8EEC-39B5A0D8678A",
"versionEndExcluding": "9.10.1.22",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5706D2C-2710-4E83-892E-00B943E61783",
"versionEndExcluding": "9.12.2.1",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Secure Copy (SCP) del Software Cisco Adaptive Security Appliance (ASA), podr\u00eda permitir a un atacante remoto autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al uso de un tipo de datos incorrecto para una variable de longitud. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el inicio de la transferencia de un archivo grande a un dispositivo afectado por medio de SCP. Para explotar esta vulnerabilidad, el atacante necesitar\u00eda tener credenciales v\u00e1lidas de nivel de privilegio 15 sobre el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir que el atacante haga que la variable de longitud se desplace, lo que podr\u00eda causar que el dispositivo afectado se bloquee."
}
],
"id": "CVE-2019-12693",
"lastModified": "2024-11-21T04:23:22.473",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-02T19:15:13.327",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-scp-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-190"
},
{
"lang": "en",
"value": "CWE-704"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-12-02 22:55
Modified
2024-11-21 01:59
Severity ?
Summary
Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | - | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861."
},
{
"lang": "es",
"value": "Cisco Adaptive Security Appliance (ASA) Software no maneja adecuadamente errores durante el procesamiento de respuestas DNS, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio del dispositivo) a trav\u00e9s de una respuesta malformada, tambi\u00e9n conocido como Bug ID CSCuj28861."
}
],
"id": "CVE-2013-6696",
"lastModified": "2024-11-21T01:59:34.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-12-02T22:55:36.443",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-16 14:04
Modified
2024-11-21 01:44
Severity ?
Summary
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | 5500_adaptive_security_appliance | 7.2 | |
| cisco | 5500_series_adaptive_security_appliance | * | |
| cisco | 5500_series_adaptive_security_appliance | 7.2 | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:5500_adaptive_security_appliance:7.2:2:*:*:*:*:*:*",
"matchCriteriaId": "E6C12A16-35D2-450F-8F12-D41D1B3C456B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1BF0ADD1-FE8E-4619-86DD-F86C52E5FB82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en dispositivos Cisco Adaptive Security Appliances (ASA) permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo CPU o reinicio del dispositivo) mediante el establecimiento de m\u00faltiples conexiones, dando lugar a una incorrecta gestion de las b\u00fasquedas para flujos secundarios, tambi\u00e9n conocido como Bug IDs CSCue31622 and CSCuc71272."
}
],
"id": "CVE-2012-5415",
"lastModified": "2024-11-21T01:44:40.197",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 5.4,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-16T14:04:30.890",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:14
Severity ?
Summary
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "151D5A44-2D0D-478A-B011-A0892817B814",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "286199EA-71CF-46B4-9131-F1752C2EA82D",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la caracter\u00edstica de inspecci\u00f3n SunRPC en dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.19), v8.1 anteriores a v8.1(2.47), y v8.2 anteriores a v8.2(2) y Cisco PIX Security Appliances 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante un mensajes SunRPC UDP manipulados, tambi\u00e9n conocido como Bug ID CSCtc79922."
}
],
"id": "CVE-2010-1579",
"lastModified": "2024-11-21T01:14:43.720",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:16.177",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Summary
A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AED88F6A-9C56-4005-B809-00E5637CCA27",
"versionEndExcluding": "9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
"versionEndExcluding": "6.3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8499CD6E-FFF8-4CAB-966A-497D4C42EEC9",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
"versionEndExcluding": "9.8.4.26",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
"versionEndExcluding": "9.10.1.44",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
"versionEndExcluding": "9.12.4.4",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
"versionEndExcluding": "9.14.1.19",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory leak when closing SSL/TLS connections in a specific state. An attacker could exploit this vulnerability by establishing several SSL/TLS sessions and ensuring they are closed under certain conditions. A successful exploit could allow the attacker to exhaust memory resources in the affected device, which would prevent it from processing new SSL/TLS connections, resulting in a DoS. Manual intervention is required to recover an affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el manejador de sesi\u00f3n SSL/TLS Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\u0026#xa0;La vulnerabilidad es debido a una p\u00e9rdida de memoria al cerrar las conexiones SSL/TLS en un estado espec\u00edfico.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el establecimiento de m\u00faltiples sesiones SSL/TLS y asegur\u00e1ndose de que est\u00e9n cerradas en determinadas condiciones.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar los recursos de la memoria en el dispositivo afectado, lo que impedir\u00eda el procesamiento de nuevas conexiones SSL/TLS, resultando en una DoS.\u0026#xa0;Es requerida una intervenci\u00f3n manual para recuperar un dispositivo afectado"
}
],
"id": "CVE-2020-3572",
"lastModified": "2024-11-21T05:31:20.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:18.327",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-tcp-dos-N3DMnU4T"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:17
Severity ?
Summary
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEA2295-5B38-45BC-9099-5A448482FB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n de Transport Layer Security (TLS) en Cisco Adaptive Security Appliances (ASA) para dispositivos de la serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.15), v8.1 anteriores a v8.1(2.44), v8.2 anteriores a v8.2(2.17), y v8.3 anteriores a v8.3(1.6) y Cisco PIX Security Appliances para dispositivos de la serie 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante secuencias de paquetes TLS manipulados, tambi\u00e9n conocido como Bug ID CSCtf37506."
}
],
"id": "CVE-2010-2814",
"lastModified": "2024-11-21T01:17:25.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:17.533",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/42196"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42196"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AED88F6A-9C56-4005-B809-00E5637CCA27",
"versionEndExcluding": "9.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
"versionEndExcluding": "6.3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E38D6F74-E407-4232-86C9-178AC3D00F1C",
"versionEndExcluding": "9.8.4.26",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
"versionEndExcluding": "9.10.1.44",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
"versionEndExcluding": "9.12.4.4",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "97B216C8-49C2-43DA-9D7C-3290B5EBF334",
"versionEndExcluding": "9.14.1.19",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection. The vulnerability is due to ineffective flow tracking of FTP traffic. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and successfully complete FTP connections."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el motor de inspecci\u00f3n FTP de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado omitir la inspecci\u00f3n FTP.\u0026#xa0;La vulnerabilidad es debido a un seguimiento de flujo ineficiente del tr\u00e1fico FTP.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico FTP dise\u00f1ado por medio de un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante omitir la inspecci\u00f3n de FTP y completar con \u00e9xito las conexiones FTP"
}
],
"id": "CVE-2020-3564",
"lastModified": "2024-11-21T05:31:19.510",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:18.060",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ftpbypass-HY3UTxYu"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-436"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:17
Severity ?
Summary
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEA2295-5B38-45BC-9099-5A448482FB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n de Transport Layer Security (TLS) en Cisco Adaptive Security Appliances (ASA) para dispositivos de la serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.15), v8.1 anteriores a v8.1(2.44), v8.2 anteriores a v8.2(2.10), y v8.3 anteriores a v8.3(1.1) y Cisco PIX Security Appliances para dispositivos de la serie 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante secuencias de paquetes TLS manipulados, tambi\u00e9n conocido como Bug ID CSCtf55259."
}
],
"id": "CVE-2010-2815",
"lastModified": "2024-11-21T01:17:25.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:17.567",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/42198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42198"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-06-04 21:32
Modified
2024-11-21 00:45
Severity ?
Summary
Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.1 | |
| cisco | pix_security_appliance | 8.0 | |
| cisco | pix_security_appliance | 8.1 | |
| cisco | adaptive_security_appliance_software | 8.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7873F341-1F9D-433A-814F-A8DDCFB64D7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_security_appliance:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F8681FC-05B5-4AE3-A9CF-51879254404E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_security_appliance:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50740BFB-0C41-4C9C-ACA7-A4DE9382F1C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface."
},
{
"lang": "es",
"value": "Cisco Adaptive Security Appliance (ASA) y Cisco PIX security appliance 8.0.x anterior a 8.0(3)9 y 8.1.x anterior a 8.1(1)1, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de un paquete Transport Layer Security (TLS)manipulado a la interfaz del dispositivo."
}
],
"id": "CVE-2008-2056",
"lastModified": "2024-11-21T00:45:59.083",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-06-04T21:32:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/30552"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1020178"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1020179"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1750/references"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30552"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00809a8354.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020178"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1750/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42836"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-05-26 15:59
Modified
2024-11-21 02:46
Severity ?
Summary
The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1C5485-EAF4-4F4D-AFA1-E105F433665E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "989F9AC4-C2D1-49A0-95C3-79A4EB827E07",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE2E079-D7AC-4FE9-8938-A75C12AF5CA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "B442C852-2465-4EA8-A977-1F10A4CE23AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C6DB6ED4-3095-46C1-9CB6-2975A7B05303",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EE68CD8E-B9CF-4519-8B0E-4C4488B34887",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "D762C9A7-005C-44FD-9BB2-7A1DD4EBE90B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0B1212-87F3-46E5-B14A-C0C6BBAAAC98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "518D4826-06B0-4DDC-B082-A536418FD292",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "E343DE08-58FA-4C39-99F9-8CB5F57D0CD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "76363698-DB62-4D92-8EE4-069891A9F92C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6159BEE3-D097-4E07-9962-06DB740E2AE3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FD606591-F69A-47AD-9256-20B98CA16135",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4EF3895-F372-45D3-9C7D-15F5C4712D08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "4DC5960D-B917-4ABA-850F-A710676ACB40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B746A138-6650-49A3-87C8-3728FE5CF215",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E50C2A13-5A8B-4FA5-ABB8-1157E560503B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "909F9D55-9276-4CF1-BC63-7CEEF8F25C21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F383D276-D5EC-4335-AC09-9D30F6443AF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39C2A7FF-6AC3-42B5-954A-9AA5950C523A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*",
"matchCriteriaId": "9D7F36A8-C291-423D-AF28-56AAD8D0F712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2009F4-F832-49D6-8346-54A7328BD93B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*",
"matchCriteriaId": "C9221DD4-498A-4867-B647-47E42299CE45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B839A425-E08C-41B1-9270-E177E40B1E27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.28:*:*:*:*:*:*:*",
"matchCriteriaId": "8F4DDF53-0995-4971-A980-30FD15A40C78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.29:*:*:*:*:*:*:*",
"matchCriteriaId": "2F3BD921-A58A-47EB-B90D-21C3A5D02D40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "800FE449-350D-4C4C-A8C2-D4C5A3B59F36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C49BF8F7-5ACE-4D90-8F17-1AA9D3A2FD7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "8CE6D050-F186-492C-9813-895433B2612A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "6157AA5C-8297-4A32-B0A8-1E7E801E9CD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F5A13091-02C6-4D98-90C9-ED4C43BDAFAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C3E0E1-C3F3-4D53-8116-7D1AF3CD53CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.18:*:*:*:*:*:*:*",
"matchCriteriaId": "59F3DB48-E1EE-44E9-85DE-9FD7D5C59B4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.19:*:*:*:*:*:*:*",
"matchCriteriaId": "27E064BD-CBC0-4556-9BCF-87D808809237",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.21:*:*:*:*:*:*:*",
"matchCriteriaId": "63D5DC14-187B-4808-8377-5FF44A11AA3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5.1.24:*:*:*:*:*:*:*",
"matchCriteriaId": "64079FC4-53D8-4DBF-A2D5-2CED256F4939",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FF969BE-46BB-4AD7-85AB-8384426E9551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F8EEA7A5-67FD-4CA4-8FF8-4B17A9C47B61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "94E618B3-DD03-4ECD-AB9B-97F1EDF95E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0D0DFE19-1C68-40E6-B8CD-9CC03F8B4281",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.10:*:*:*:*:*:*:*",
"matchCriteriaId": "20424324-881A-496B-BC55-62AA75994249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D67012F3-5153-400E-BD6F-EB0949875F2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "E40E9AB5-26E0-4BA2-9AFA-496BAA0EAC77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.14:*:*:*:*:*:*:*",
"matchCriteriaId": "A6BA4B2D-187A-47EC-8BE1-7EA178549476",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "3CF52FB9-4EA9-41A7-AD29-E963C09FC98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04C8C6E9-D5C3-42DC-B431-9097B2FCCB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75B5CF41-7F01-4AE9-B54B-8DB6909504B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F3BDD9D1-0DE3-4FA7-BDC1-2A724162CEEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7C80EAFF-E577-414A-9DDE-D27A41CB3DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "26CC07CC-0C79-48ED-BEB6-4B576A0DBD68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "83FA6817-C5B7-410F-9CF7-801CC958C12E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.11:*:*:*:*:*:*:*",
"matchCriteriaId": "1576FC7F-B7DD-41DD-A95E-23B1F86E4B02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.13:*:*:*:*:*:*:*",
"matchCriteriaId": "3768E4B0-E457-47AB-99B0-7C1A0E0CBE35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5D142088-0265-4987-8F5C-029F3DD06A18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.17:*:*:*:*:*:*:*",
"matchCriteriaId": "76EDEE39-865D-4DA3-B1C9-033F2FF1A56F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "500ED3CC-4FE8-4A24-ACFE-8D7E35E50D22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD2AE76B-D04E-4D0C-85E4-8AD07F7BDEDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E1C03C-0737-4E2B-B3F9-10770281F4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5C7052D2-0789-4A4D-917D-FCD894B7280F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0956F0A8-7424-437C-AAD8-203183BEBFCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "49FB57F9-5B37-4509-B2EB-6A16DFE11F03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "952F6504-9CD0-453E-8C25-02BB9EE818F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E842AF74-D1E3-4F71-80F9-197B38942405",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A0B97FB1-CC3A-40B5-853D-476E6C5D9D6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "3F6293A8-C21E-46F6-ACC1-6BBAD419B41F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.17:*:*:*:*:*:*:*",
"matchCriteriaId": "CC1A48B1-112A-41C2-BC01-BCCF5794553D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.20:*:*:*:*:*:*:*",
"matchCriteriaId": "D2AE7036-C8EE-441F-94A4-DE8A9E89CA8C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.24:*:*:*:*:*:*:*",
"matchCriteriaId": "6448B4B4-022D-4D4A-A6DE-0090CEA12595",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.26:*:*:*:*:*:*:*",
"matchCriteriaId": "42813600-3186-4D19-8AF2-F4F98D3C6740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.29:*:*:*:*:*:*:*",
"matchCriteriaId": "BC0969E6-151D-4298-8EC8-68D7880E994B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.33:*:*:*:*:*:*:*",
"matchCriteriaId": "4A0091CE-3386-4CCC-A2A8-900842EA6F51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B5A450E0-09E4-44C5-B55C-78A4BDAADA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.37:*:*:*:*:*:*:*",
"matchCriteriaId": "8285C95A-316D-4965-A34D-3BCB9AB83FA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4714F698-BBAE-47BB-99E8-F90D22415EDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "EB55BC7E-0B3F-4202-8768-08F27B763926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB01683-C482-4A5B-90FA-B5266BEA452E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA16481A-4A47-4A8E-8C78-87B3A171280A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8C0258ED-6ED0-49C7-A13A-368711649FFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1B7A71AA-E1A6-47B7-B2B2-A3115CAA4058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D448BB56-5B2E-4B3E-B7E8-1F4991F23D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E0346EAC-BDD1-4DC5-B8CA-20579C44AFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2049D602-54F1-4072-936E-0D7E337162B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:*:*:*:*:*:*:*",
"matchCriteriaId": "0710D6C8-AD34-43E2-B72B-315FFF3DC34F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:*:*:*:*:*:*:*",
"matchCriteriaId": "70F8F1D2-2196-44C4-B420-824F49BB4ACF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:*:*:*:*:*:*:*",
"matchCriteriaId": "5E14B8D3-6D53-4E84-9B5D-24667B192C4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:*:*:*:*:*:*:*",
"matchCriteriaId": "A05B2DFD-A0EF-42BE-B00B-334E78CA8C10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CC96C9-492F-49CB-BEFE-356581E96B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "78F1F7D4-EC51-47D1-A71A-9EF98C51D388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0D5E93DE-06C0-401C-8062-1B2EB6EFDED6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "3E5EBFAB-25E2-4245-B748-92CAA943D4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B8BFB446-5747-42BB-98BC-B8DF250F1842",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.6.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1EF48794-2E5D-4BE0-9BB5-49ADE34F4A82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A3A13A9C-5387-4670-8E20-FE878946D091",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(0.104\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F7C7DA3-C24B-41BB-BDBE-7DC58EEAC4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2\\(3.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AFC39DA3-8171-4344-A946-7965873C56F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "7BAAC9FE-CCF0-4385-B5E9-FC424CD3EFD5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5C9DEB1C-F9B9-4291-92B5-8EEEADC57E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "39330218-32FA-42FF-B5CA-288B7D140304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A92D7CED-D036-414B-B9EB-DCAF7F425A7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C4AAAB02-140D-46F2-A315-5791BF5A853F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2EB02DBE-6D60-4D0E-8E9D-7611C3C32748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "31B4370A-84E5-4766-9D9D-EA1C53D73B79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9A2F3C77-89CD-4990-98FA-E896079B6C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.50\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1E044883-9952-477A-B2AA-3E0BB90C96A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(1.105\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E26A1B0-D61C-4A25-8E10-02A2E3E7A02B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.100\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6F4A28B7-87A2-464A-92A8-644E3F7D13D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3\\(2.243\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8D83ED80-972A-4548-9AB0-10F9A23DF749",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED33F68A-9EB0-416A-A0A5-0DF2C349FFEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7F7DD812-DC72-4816-8B0F-361C32B2CD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EC41D4CD-D5EA-4678-B3AA-962C7C937118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "996C9552-5743-4639-A077-5B057605DF21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5779CE0-7691-47DA-902C-4D32D6650C9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0C69BE69-7C19-4ED3-98D3-04B1D41E56FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "E7D12EFD-71D6-480E-97D5-278CCE4A7118",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "AFE9F46B-DD74-4295-BB6A-9239E29F4416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.0.115:*:*:*:*:*:*:*",
"matchCriteriaId": "F8F53875-D589-4C34-B863-67AC9945BED8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8870EB6E-DAE9-45F9-BBA5-2D20E5E00F83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8B313B0E-4200-427F-A156-1EDA681F439D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B8C49821-3BA5-4B44-84F5-113024FD030F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2011F264-53A5-4507-843B-46F66D285ADB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "290AA0BD-EDB0-4BA4-BF85-9CF29A1B7908",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "73FB7BAF-7B3E-4091-A90B-FB19B38FFE74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6D2DA09B-CFBA-4FDE-A6D0-7C2CF202D72B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E29F95F5-6957-46F0-A0A2-CCACBBA14F90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4D9EFD6D-A657-4102-982D-7634AC25E75E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The XML parser in Cisco Adaptive Security Appliance (ASA) Software through 9.5.2 allows remote authenticated users to cause a denial of service (instability, memory consumption, or device reload) by leveraging (1) administrative access or (2) Clientless SSL VPN access to provide a crafted XML document, aka Bug ID CSCut14209."
},
{
"lang": "es",
"value": "Vulnerabilidad en el int\u00e9rprete XML en Cisco Adaptive Security Appliance (ASA) Software hasta la versi\u00f3n 9.5.2 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (inestabilidad, consumo de memoria o recarga de dispositivo) mediante el aprovechamiento de (1) acceso administrativo o (2) acceso VPN Clientless SSL para proporcionar un documento XML manipulado, tambi\u00e9n conocida como Bug ID CSCut14209."
}
],
"id": "CVE-2016-1385",
"lastModified": "2024-11-21T02:46:20.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-05-26T15:59:01.463",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1035976"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1035976"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
},
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7C3150-AC51-4C6E-B0D2-B1E820C62F0B",
"versionEndExcluding": "9.6.4.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9401338-5D6D-46E6-918C-AE11FC6DBC9E",
"versionEndExcluding": "9.8.4.9",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
"versionEndExcluding": "9.9.2.56",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
"versionEndExcluding": "9.10.1.30",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
"versionEndExcluding": "9.12.2.9",
"versionStartIncluding": "9.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA268E0-220A-4D15-8816-6F69F7773590",
"versionEndExcluding": "9.13.1",
"versionStartIncluding": "9.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A1910D8-107F-4BD1-90D2-5653AA75F54A",
"versionEndExcluding": "6.2.3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3920B277-4643-4601-A4C8-05C0C3D76C42",
"versionEndExcluding": "6.3.0.5",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
"versionEndExcluding": "6.4.0.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the WebVPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing load for a specific WebVPN HTTP page request. An attacker could exploit this vulnerability by sending multiple WebVPN HTTP page load requests for a specific URL. A successful exploit could allow the attacker to increase CPU load on the device, resulting in a denial of service (DoS) condition, which could cause traffic to be delayed through the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad WebVPN del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar una mayor utilizaci\u00f3n de la CPU en un dispositivo afectado. La vulnerabilidad es debido a una carga de procesamiento excesiva para una petici\u00f3n de p\u00e1gina HTTP WebVPN espec\u00edfica. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de m\u00faltiples peticiones de carga de p\u00e1gina HTTP de WebVPN para una URL espec\u00edfica. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante aumentar la carga de la CPU en el dispositivo, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS), lo que podr\u00eda causar que el tr\u00e1fico sea retardado a trav\u00e9s del dispositivo."
}
],
"id": "CVE-2019-12698",
"lastModified": "2024-11-21T04:23:23.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-02T19:15:13.657",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:14
Severity ?
Summary
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la caracter\u00edstica de inspecci\u00f3n SunRPC en dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.19), v8.1 anteriores a v8.1(2.47), y v8.2 anteriores a v8.2(2) y Cisco PIX Security Appliances 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante un mensajes SunRPC UDP manipulados, tambi\u00e9n conocido como Bug ID CSCtc77567."
}
],
"id": "CVE-2010-1578",
"lastModified": "2024-11-21T01:14:43.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:16.097",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B4A429E3-8304-4D15-A281-FBFD663ADBD5",
"versionEndExcluding": "9.6.4.35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
"versionEndExcluding": "6.3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1D958835-489A-430C-B23F-8A95E604DF16",
"versionEndExcluding": "9.8.4.20",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7036D010-F764-4899-A7B3-456084FC1392",
"versionEndExcluding": "9.10.1.43",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0AD15FF4-61C0-4506-86AD-5381AF09FFDC",
"versionEndExcluding": "9.12.3.9",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "572CB59F-1D5E-47FB-A09C-E456F6B66A95",
"versionEndExcluding": "9.13.1.10",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCB8C11-7C49-472E-A003-DCEC9071D00F",
"versionEndExcluding": "9.14.1.10",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to conduct a CRLF injection attack, adding arbitrary HTTP headers in the responses of the system and redirecting the user to arbitrary websites."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el Clientless SSL VPN (WebVPN) de Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado inyectar encabezados HTTP arbitrarios en las respuestas del sistema afectado.\u0026#xa0;La vulnerabilidad es debido a un saneamiento de entrada inapropiada.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante conducir un ataque de inyecci\u00f3n CRLF, agregando encabezados HTTP arbitrarios en las respuestas del sistema y redireccionando al usuario a sitios web arbitrarios"
}
],
"id": "CVE-2020-3561",
"lastModified": "2024-11-21T05:31:19.147",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:17.793",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-crlf-inj-BX9uRwSn"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-93"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-04 11:30
Modified
2024-11-21 01:05
Severity ?
Summary
Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| aladdin | safenet_securewire_access_gateway | * | |
| cisco | adaptive_security_appliance | * | |
| sonicwall | e-class_ssl_vpn | * | |
| sonicwall | ssl_vpn | * | |
| stonesoft | stonegate | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:aladdin:safenet_securewire_access_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCE5BD39-6D53-410E-A346-FC03DA4D765F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sonicwall:e-class_ssl_vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37C56829-C2AA-4F29-8C71-2F6FCDB727D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sonicwall:ssl_vpn:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E6A39190-6A05-4AF0-8B4F-B4A186D5ED59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:stonesoft:stonegate:*:*:*:*:*:*:*:*",
"matchCriteriaId": "447304A0-D5D2-46E2-9457-BAC6BCBA276A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN\u0027s domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design."
},
{
"lang": "es",
"value": "M\u00faltiples productos VPN de SSL sin cliente que se ejecutan en navegadores web, incluyendo StoneGate de Stonesoft; ASA de Cisco; E-Class SSL VPN de SonicWALL y SSL VPN de SonicWALL; SecureWire Access Gateway de SafeNet; Networks Secure Access de Juniper; CallPilot de Nortel; Access Gateway de Citrix; y otros productos, cuando se ejecutan en configuraciones que no restringen el acceso al mismo dominio que la VPN, recuperan el contenido de las direcciones URL remotas de un dominio y las reescriben para que se originen desde el dominio de la VPN, lo que viola la pol\u00edtica del mismo origen y permite a atacantes remotos conducir ataques de tipo cross-site scripting, leer cookies que se originaron desde otros dominios, acceder a la sesi\u00f3n de VPN web para conseguir acceso a los recursos internos, realizar el registro de claves y conducir otros ataques. NOTA: se podr\u00eda argumentar que se trata de un problema de dise\u00f1o fundamental en cualquier soluci\u00f3n VPN sin cliente, a diferencia de un error com\u00fanmente introducido que puede ser corregido en implementaciones separadas. Por lo tanto, se ha asignado un CVE \u00fanico para todos los productos que presentan este dise\u00f1o."
}
],
"id": "CVE-2009-2631",
"lastModified": "2024-11-21T01:05:20.343",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-12-04T11:30:00.437",
"references": [
{
"source": "cret@cert.org",
"url": "http://kb.juniper.net/KB15799"
},
{
"source": "cret@cert.org",
"url": "http://seclists.org/fulldisclosure/2006/Jun/238"
},
{
"source": "cret@cert.org",
"url": "http://seclists.org/fulldisclosure/2006/Jun/269"
},
{
"source": "cret@cert.org",
"url": "http://seclists.org/fulldisclosure/2006/Jun/270"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37696"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37786"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37788"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37789"
},
{
"source": "cret@cert.org",
"url": "http://securitytracker.com/id?1023255"
},
{
"source": "cret@cert.org",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=984744"
},
{
"source": "cret@cert.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/261869"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/archive/1/508164/100/0/threaded"
},
{
"source": "cret@cert.org",
"url": "http://www.securityfocus.com/bid/37152"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/2123_14882.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/2123_14883.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3567"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3568"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3569"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3570"
},
{
"source": "cret@cert.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3571"
},
{
"source": "cret@cert.org",
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf"
},
{
"source": "cret@cert.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54523"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/KB15799"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2006/Jun/238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2006/Jun/269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2006/Jun/270"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37789"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL\u0026DocumentOID=984744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/261869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508164/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/2123_14882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.sonicwall.com/us/2123_14883.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.stonesoft.com/en/support/security_advisories/2009_03_12.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3567"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3568"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3569"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3571"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2009/50/025367-01.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54523"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-18 18:55
Modified
2024-11-21 01:49
Severity ?
Summary
Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_clientless_ssl_vpn | - | |
| cisco | adaptive_security_appliance_software | - | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance_clientless_ssl_vpn:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71413163-2432-4360-8948-89059109462B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996."
},
{
"lang": "es",
"value": "Condici\u00f3n de carrera en la implementaci\u00f3n CIFS en el m\u00f3dulo regrabadora en el componente Clientless SSL VPN de Cisco Adaptive Security Appliances (ASA) dispositivos permite a los usuarios remotos autenticados causar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante el acceso a los recursos dentro de varias sesiones, tambi\u00e9n conocido como Bug ID CSCub58996 ."
}
],
"id": "CVE-2013-1199",
"lastModified": "2024-11-21T01:49:06.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-18T18:55:07.000",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1199"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:23
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
"versionEndExcluding": "9.8.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CF9BD61A-3390-4FEC-A6FC-B828700734F1",
"versionEndExcluding": "6.2.3.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F27ABB44-FC9A-457D-AFB7-D7CB8119C9AE",
"versionEndExcluding": "6.4.0.13",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9F99428-8509-489C-8658-6422BAE20B86",
"versionEndExcluding": "9.12.4.26",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "333EFE8A-1514-4F7A-BBF4-876DC1B2E5A4",
"versionEndExcluding": "9.14.3.9",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
"versionEndExcluding": "9.15.1.17",
"versionStartIncluding": "9.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
"versionEndExcluding": "9.16.2.3",
"versionStartIncluding": "9.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1A6C8151-DD31-4176-9871-64F6D0473D92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "013CE3DB-A4D9-47EB-9CA6-F3A116E0FDB2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7B6B6A4A-903A-4DC2-ACF8-C8A3F07B905E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7166E020-D9CE-4CF4-96F3-DE60487CCF31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2F51225C-BDF6-4C62-A6D0-29858BB409BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1806CB8E-BA50-405C-84F8-09B7E46A42F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "59BAA486-CB14-475F-B3EB-4EDBECF80046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D35C749C-F2BB-4A5D-8D95-971AFCE0C0A0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4A2012ED-9F23-4169-8501-B0897F658AFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8EDD12C0-7F42-4AE2-A3DA-57D5DC82050F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3233ED72-BAF5-4532-8478-6F44B5A66FA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C40D9C60-CD17-4ACE-961C-8580EC2256C1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EAEA3B03-7E79-4917-9E7A-EA73E90E3D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "02308BB6-79AA-46A4-B723-12A30BF15119",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.009\\(002.085\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E904DE37-F6C5-459F-8A8A-9E9AA7C59170",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.014\\(002.106\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CF60431F-E808-4828-B67D-1B87A4E5DDF2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in SSL/TLS message handler for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incoming SSL/TLS packets are not properly processed. An attacker could exploit this vulnerability by sending a crafted SSL/TLS packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el administrador de mensajes SSL/TLS para el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad se presenta porque los paquetes SSL/TLS entrantes no se procesan correctamente. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un paquete SSL/TLS dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo afectado, resultando en una condici\u00f3n de DoS"
}
],
"id": "CVE-2021-40117",
"lastModified": "2024-11-21T06:23:36.370",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.770",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-4ygzLKU9"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-25 15:53
Modified
2024-11-21 01:53
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | - | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the WebVPN portal login page on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka Bug ID CSCug83080."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la p\u00e1gina de login del portal WebVPN en los dispositivos Cisco Adaptive Security Appliances (ASA) permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarias mediante una URL modificada, tambi\u00e9n referenciado como Bug ID CSCug83080."
}
],
"id": "CVE-2013-3414",
"lastModified": "2024-11-21T01:53:35.393",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-07-25T15:53:16.177",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/95660"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3414"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30214"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028831"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85949"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/95660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85949"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.0\(2\) | |
| cisco | adaptive_security_appliance | 8.0\(3\) | |
| cisco | adaptive_security_appliance | 8.0\(4\) | |
| cisco | adaptive_security_appliance | 8.0\(5\) | |
| cisco | adaptive_security_appliance | 8.1\(1\) | |
| cisco | adaptive_security_appliance | 8.1\(2\) | |
| cisco | adaptive_security_appliance | 8.2 | |
| cisco | adaptive_security_appliance | 8.2\(1\) | |
| cisco | adaptive_security_appliance | 8.2\(2\) | |
| cisco | adaptive_security_appliance | 8.3 | |
| cisco | adaptive_security_appliance_software | 8.0 | |
| cisco | adaptive_security_appliance_software | 8.3\(1\) | |
| cisco | asa_5500 | * | |
| cisco | asa_5505 | * | |
| cisco | asa_5510 | * | |
| cisco | asa_5520 | * | |
| cisco | asa_5540 | * | |
| cisco | asa_5550 | * | |
| cisco | asa_5580 | * | |
| cisco | pix_500 | * | |
| cisco | pix_501 | * | |
| cisco | pix_506e | * | |
| cisco | pix_firewall_506 | * | |
| cisco | pix_firewall_515 | * | |
| cisco | pix_firewall_520 | * | |
| cisco | pix_firewall_525 | * | |
| cisco | pix_firewall_535 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEA2295-5B38-45BC-9099-5A448482FB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.23), 8.1 before 8.1(2.49), 8.2 before 8.2(4.1), and 8.3 before 8.3(2.13), when a Certificate Authority (CA) is configured, allow remote attackers to read arbitrary files via unspecified vectors, aka Bug ID CSCtk12352."
},
{
"lang": "es",
"value": "Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v8.0 anterior a v8.0 (5.23), v8.1 anterior a v8.1 (2.49), v8.2 anterior a v8.2 (4.1), y v8.3 anterior a v8.3 (2.13), cuando una entidad emisora de certificados (CA) est\u00e1 configurada, permite a atacantes remotos leer archivos arbitrarios a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como error ID CSCtk12352"
}
],
"id": "CVE-2011-0396",
"lastModified": "2024-11-21T01:23:52.907",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:19.307",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/43488"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65591"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-25 17:30
Modified
2024-11-21 01:01
Severity ?
Summary
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.0\(4\) | |
| cisco | adaptive_security_appliance | 8.1.2 | |
| cisco | adaptive_security_appliance | 8.2.1 | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CBFBF5-966C-48E8-BAFB-DED4E58098F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13BC5744-8EB0-4BE3-A743-E95BCD6E2CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7853F676-A9A4-4980-B698-19C60F4DD71F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705."
},
{
"lang": "es",
"value": "WebVPN en los dispositivos Cisco Adaptive Security Appliances (ASA) con software 8.0(4), 8.1.2, y 8.2.1 permite a atacantes remotos eludir ciertos mecanismos de protecci\u00f3n que impliquen la reescritura de URL y HTML y realizar ataques de secuencias de comandos en sitios cruzados (XSS) modificando el primer car\u00e1cter codificado hexadecimal en una URI /+CSCO+, alias Bug ID CSCsy80705."
}
],
"id": "CVE-2009-1202",
"lastModified": "2024-11-21T01:01:53.980",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-06-25T17:30:00.250",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35511"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/35480"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35480"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1713"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-10-05 07:29
Modified
2024-11-21 03:09
Severity ?
Summary
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://www.securityfocus.com/bid/101170 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1039502 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/101170 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1039502 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:-:*:*:*:*:*:*:*",
"matchCriteriaId": "34931C89-BF35-4DC2-9838-3C145575ECDE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device, aka HREF XSS. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. The vulnerability exists in the Cisco Adaptive Security Appliance (ASA) Software when the WEBVPN feature is enabled. Cisco Bug IDs: CSCve91068."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de gesti\u00f3n web de Cisco Adaptive Security Appliance (ASA) podr\u00eda permitir que un atacante remoto no autenticado lleve a cabo un ataque de Cross-Site Scripting (XSS) contra un usuario de dicha interfaz en un dispositivo afectado. Esto tambi\u00e9n se conoce como HREF XSS. La vulnerabilidad se debe a la validaci\u00f3n insuficiente de entrada de datos de parte del usuario en la interfaz de gesti\u00f3n web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad haciendo que un usuario de la interfaz haga clic en un enlace manipulado. Con el exploit adecuado, el atacante podr\u00eda ejecutar c\u00f3digo de script arbitrario en el contexto de la interfaz o permitir que el atacante pueda acceder a informaci\u00f3n sensible del navegador. La vulnerabilidad existe en Cisco Adaptive Security Appliance (ASA) Software cuando la caracter\u00edstica WEBVPN est\u00e1 habilitada. Cisco Bug IDs: CSCve91068."
}
],
"id": "CVE-2017-12265",
"lastModified": "2024-11-21T03:09:11.717",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-10-05T07:29:00.590",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101170"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039502"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/101170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1039502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa1"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F102F5EF-0B67-4FD7-898E-D5EDD8B822D5",
"versionEndIncluding": "8.3\\(1\\)",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "15ECB359-7290-4732-96F2-AFCEE21C7899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3DA2F01C-ECF1-477B-A413-75D0EB817079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9649696-DE81-48C7-A276-17E1ECADAD5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7632C245-04C6-4E78-87B7-55CCCA6FD6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E84099EB-2535-4A9F-8355-FF937CFBD122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C599F894-DAD2-4231-8BB8-1427E7C02D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F60C12-71C9-47C6-B43F-A0374419D736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1C853CD9-F451-406E-A515-3BDC34E55639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7C28DC-B15F-486B-96F1-D08529B7374A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B03A1408-A55A-4482-B239-B13094B13BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*",
"matchCriteriaId": "62DC7025-F067-45CB-BEA6-ED16A5BD2896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2649C78C-D742-4E6F-950F-54BF7CF797C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "469CFE0C-6319-46F3-8D31-4850F5E6A830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4333600F-0277-4D6C-922E-53FA01CF3C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35AFDFE9-CCC9-453B-A081-939D1D554379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C82C545-6796-4B67-A97D-0435D41C63C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA336EBF-FA9A-4B80-A486-446A1C4B72F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B53107-BCD0-4D3E-B090-91D6BD6139C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C926091-D9A6-4264-8E9A-52AFCBC09D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D55D3385-FEE7-44AA-A65A-50924FDC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E853B8BF-07F5-46DF-8DEA-302F68B8B086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "364CA0EA-F85E-4C4B-96D8-A7256F413844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67AB954E-D1F4-4B29-B782-2E9917D82DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA3389C-86FE-45F7-97D7-E3386403944F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
"matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5551EDC1-1FE7-4FAF-9ABC-E862B3100BAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74868197-D48D-43DE-A65B-A56369DA6502",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F72BB334-B050-4B52-868A-49250EF1E845",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "86DFEFB7-A745-4D5F-A1AB-F6E3971894A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1\\(17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3181F43-6CB7-47C1-A68A-432995454F14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1\\(18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39983B88-A340-4712-9E5C-C3D492DDF09C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.1\\(19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2E29A007-4664-4822-AC78-7C0153417D9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33A3DD4F-CD94-4BD7-9365-4ED26872697E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EE5DA712-F36D-4755-9158-57A5B0F95BE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4AA71976-7561-4B9D-BFB3-87A06711EB46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "10F4F6A1-5C6F-4A54-80BE-1B77DFA47DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D5732020-BB4A-4F87-B63A-31BD439FE3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "493B34EA-B262-4123-958C-C2B563A66A7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:3.2\\(16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C8F81C8-99D5-40CA-972A-71EB0CF43FA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4BF07192-27C3-47DA-A3EA-C5FA84A43ADF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6716B573-328C-455E-AB36-315DD6588AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2CB3A6B4-C567-4E96-A735-74F50C7A6906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "259252A1-C0B1-4679-B04E-29DDDB4ACAD1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0B944351-D4ED-42A1-969E-B7DC864B0CBB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "51D7EBD7-2BEA-4C30-9E89-A9913EE268C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "822A8177-A69D-495E-9437-E5567A27F60D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(12\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1226F8D6-7402-457B-8AEC-7164D735ECF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(13\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04F7CD17-7EAC-4B77-8F59-8EB5362091DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.0\\(14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97CC4932-94B6-447E-8294-D6732B46CB41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E8F281A7-0C77-46A2-8838-D3E9207FB85D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1C3DCF01-326D-44A1-ADAB-CF52F7629082",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4E03AD49-1267-4866-A059-DE97EA79D769",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "889F34A9-81CD-4381-9708-A2481C95FE21",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:firewall_services_module_software:4.1\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26E8B157-67EF-4DFB-BFBB-7794A048E43C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A9CB22A-21E0-46F6-B6CD-BB38A80FA7A4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5.1), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), 8.2 before 8.2(2.19), and 8.3 before 8.3(1.8); Cisco PIX Security Appliances 500 series devices; and Cisco Firewall Services Module (aka FWSM) 3.1 before 3.1(20), 3.2 before 3.2(20), 4.0 before 4.0(15), and 4.1 before 4.1(5) allow remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug IDs CSCtg69457 and CSCtl84952."
},
{
"lang": "es",
"value": "Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v7.0 anterior a v7.0(8.11), v7.1 y v7.2 anterior a v7.2(5.1), v8.0 anterior a v8.0 (5.19), v8.1 anterior a v8.1 (2.47), v8.2 anterior a v8.2 (2.19), y v8.3 anterior a v8.3 (1.8); dispositivos Cisco PIX Security Appliances Serie 500; y Cisco Firewall Services Module (tambi\u00e9n conocido como FWSM) v3.1 anterior a v3.1 (20), v3.2 anterior a v3.2 (20), v4.0 anterior a v4.0 (15), y v4.1 anterior a v4.1(5) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de un mensaje Skinny Client Control Protocol (SCCP) manipulado, tambi\u00e9n conocido como error ID CSCtg69457 y CSCtl84952."
}
],
"id": "CVE-2011-0394",
"lastModified": "2024-11-21T01:23:52.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:19.213",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/43453"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/43488"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46518"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025109"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2011/0494"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43453"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e148.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46518"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0494"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65593"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:23
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
"versionEndExcluding": "9.8.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5429F29E-BEE8-4989-B5F3-A9BABBF64D31",
"versionEndExcluding": "6.4.0.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7B2F537A-A488-45B6-AD4B-48B7064AE84C",
"versionEndExcluding": "7.0.1",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "796D02D8-AD57-49E8-93F6-5CC0E4D2F883",
"versionEndExcluding": "9.12.4.29",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "333EFE8A-1514-4F7A-BBF4-876DC1B2E5A4",
"versionEndExcluding": "9.14.3.9",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EC0723-CBC7-45A7-8B30-B680E8A771EF",
"versionEndExcluding": "9.15.1.17",
"versionStartIncluding": "9.15.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "310B86D1-730D-4D8A-AC95-31FBE4F7D1E6",
"versionEndExcluding": "9.16.2.3",
"versionStartIncluding": "9.16.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FBD276B8-B4F8-47EF-80A4-96A917823A79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A86C4E60-F811-4F2C-BF31-627849744776",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C6734B62-712F-42AA-BAD4-DD7CCE84C99C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5935F575-BAE5-452F-B603-3524988B2E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4D96435F-F035-486E-86AA-DB9A1A1878F4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5B973EE4-AD69-4FD0-B3CE-4F5460207B38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E955DA5C-578D-4598-AE88-46177A551AB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "85FB9502-1022-4F44-8502-5346FDAC91B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0382346B-326E-4216-AAB0-34282B2A2B31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B6AA6797-A9F7-4036-8241-F822B30C9DFB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "47B74595-6009-4770-AEB5-2BB89EACD6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DEC8ACEC-5E15-48A3-A642-CB40C49A40BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA4E22D3-042B-4181-BC1F-3553860CE6FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "57A88F76-F7F9-4A3E-8B2D-BABB4F1F9B5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9E038B73-401A-455C-851A-116EDF48243A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A12D2208-F952-4ECD-B80A-C0BAC57E5903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "DC86BF23-AFC9-42BF-B4CA-9772840FAFED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F83634D3-7025-4643-9987-8B72C3E03B77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3F527459-A585-40FB-9640-11D06E85DED3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29B863B0-C802-4220-984C-3D31E3DB1867",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3BA5A2D5-670D-49DD-A415-F146CECB4A5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "25132AA1-C4BE-4956-9608-7A018D30A1D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4F4D5D5F-46C1-4FEC-85BF-0664C9421F06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EDA8AAD5-85A0-414E-82B5-BEDD348AA161",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5E412ECC-0C85-4F67-BF06-8DEC4D0AD9EC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C99B194-1BE7-478A-B745-2C69DDA62FBC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7A82BE6-4214-4708-96D2-349C2635AC53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5CE35CD6-4B2A-453A-B58C-7B3BDBD2BD38",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "318AFDDA-4C33-4A52-90A7-AA5F3CEFCE6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "63BDBAD7-A0B1-4750-B29A-50941488858A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "34370479-D7E0-47FE-A6D4-05237EE7737B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0FAC4185-41E4-45B9-8C32-A34D005BE0B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D51ED6B6-C0B7-4C22-A9F2-9FD4B0880516",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3922119D-6004-4ECE-B882-1411E5989203",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "966485AF-DBDC-4AB9-82BE-970BCCBA54F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.012\\(004.024\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E82216B8-8BA5-490C-899A-5198152661C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95C0E2C1-9103-4189-9E32-76A41A3B281B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015\\(001.015\\):*:*:*:*:*:*:*",
"matchCriteriaId": "24178E23-C2ED-4410-8D72-89415ADEA3FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015\\(001.016\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2C976BA-40FE-449A-9EAC-8A55D54B9417",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.016\\(001\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B524ED0E-13AF-4365-A509-A4D226A6A7CF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe a una validaci\u00f3n de entrada inadecuada al analizar las solicitudes HTTPS. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTPS maliciosa a un dispositivo afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante hacer que el dispositivo se recargue, resultando en una condici\u00f3n de DoS"
}
],
"id": "CVE-2021-40118",
"lastModified": "2024-11-21T06:23:36.533",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.823",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7C3150-AC51-4C6E-B0D2-B1E820C62F0B",
"versionEndExcluding": "9.6.4.31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9401338-5D6D-46E6-918C-AE11FC6DBC9E",
"versionEndExcluding": "9.8.4.9",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
"versionEndExcluding": "9.9.2.56",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
"versionEndExcluding": "9.10.1.30",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
"versionEndExcluding": "9.12.2.9",
"versionStartIncluding": "9.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7FA268E0-220A-4D15-8816-6F69F7773590",
"versionEndExcluding": "9.13.1",
"versionStartIncluding": "9.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A1910D8-107F-4BD1-90D2-5653AA75F54A",
"versionEndExcluding": "6.2.3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3920B277-4643-4601-A4C8-05C0C3D76C42",
"versionEndExcluding": "6.3.0.5",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
"versionEndExcluding": "6.4.0.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el portal Clientless SSL VPN (WebVPN) de Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado realizar un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de la entrada suministrada por el usuario mediante la interfaz de administraci\u00f3n basada en web de un dispositivo afectado. Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante ejecutar c\u00f3digo script arbitrario en el contexto de la interfaz o permitirle al atacante acceder a informaci\u00f3n confidencial basada en navegador."
}
],
"id": "CVE-2019-12695",
"lastModified": "2024-11-21T04:23:22.757",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-02T19:15:13.467",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-xss"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
"versionEndExcluding": "9.6.4.45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "335A33C3-58D1-4363-8C2E-DEE02C4895D9",
"versionEndExcluding": "9.8.4.29",
"versionStartIncluding": "9.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7036D010-F764-4899-A7B3-456084FC1392",
"versionEndExcluding": "9.10.1.43",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
"versionEndExcluding": "9.12.4.4",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC7FBC60-3B63-4BB2-B285-17B07F1891EF",
"versionEndExcluding": "9.14.1.29",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de administraci\u00f3n basada en web en Cisco Adaptive Security Appliance (ASA) Software podr\u00eda permitir a un atacante remoto no autenticado conducir un ataque de tipo cross-site scripting (XSS) contra un usuario de la interfaz.\u0026#xa0;Esta vulnerabilidad se presenta porque la interfaz de administraci\u00f3n basada en web no comprueba apropiadamente una entrada suministrada por el usuario.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad al persuadir a un usuario de la interfaz para que haga clic en un enlace dise\u00f1ado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante ejecutar un c\u00f3digo script arbitrario en el contexto de la interfaz o acceder a informaci\u00f3n confidencial basada en el navegador"
}
],
"id": "CVE-2020-3599",
"lastModified": "2024-11-21T05:31:23.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:19.060",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-rxss-L54Htxp"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-08-30 01:55
Modified
2024-11-21 01:53
Severity ?
Summary
The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463 | Vendor Advisory | |
| ykramarz@cisco.com | http://tools.cisco.com/security/center/viewAlert.x?alertId=30607 | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securityfocus.com/bid/62068 | Third Party Advisory, VDB Entry | |
| ykramarz@cisco.com | http://www.securitytracker.com/id/1028968 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/viewAlert.x?alertId=30607 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/62068 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1028968 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | - | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899."
},
{
"lang": "es",
"value": "La funcionalidad de inspecci\u00f3n de protocolo en dispositivos Cisco Adaptive Security Appliances (ASA), no aplica correctamente el tiempo de espera, permitiendo a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de la tabla de conexiones) a trav\u00e9s de peticiones manipuladas que utilizan un protocolo de inspecci\u00f3n, tambi\u00e9n conocido como Bug ID CSCuh13899."
}
],
"id": "CVE-2013-3463",
"lastModified": "2024-11-21T01:53:40.623",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-08-30T01:55:08.503",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30607"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/62068"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028968"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=30607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/62068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1028968"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-11 10:55
Modified
2024-11-21 01:48
Severity ?
Summary
The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(0\\):*:*:*:*:*:*:*",
"matchCriteriaId": "15ECB359-7290-4732-96F2-AFCEE21C7899",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "88102B08-48E8-48FD-81E9-FAF717D6BE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3DA2F01C-ECF1-477B-A413-75D0EB817079",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9649696-DE81-48C7-A276-17E1ECADAD5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0F4EA382-848E-4FE8-AE03-5DDDDBE88C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "538B700C-AA95-4D63-8148-E4D5ED08CE02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "61DD640A-120F-487D-B364-66B69C962A35",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7632C245-04C6-4E78-87B7-55CCCA6FD6C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E84099EB-2535-4A9F-8355-FF937CFBD122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C599F894-DAD2-4231-8BB8-1427E7C02D60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "C1F60C12-71C9-47C6-B43F-A0374419D736",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1C853CD9-F451-406E-A515-3BDC34E55639",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "FD7C28DC-B15F-486B-96F1-D08529B7374A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "B03A1408-A55A-4482-B239-B13094B13BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*",
"matchCriteriaId": "62DC7025-F067-45CB-BEA6-ED16A5BD2896",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2649C78C-D742-4E6F-950F-54BF7CF797C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "469CFE0C-6319-46F3-8D31-4850F5E6A830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4333600F-0277-4D6C-922E-53FA01CF3C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35AFDFE9-CCC9-453B-A081-939D1D554379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C82C545-6796-4B67-A97D-0435D41C63C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA336EBF-FA9A-4B80-A486-446A1C4B72F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B53107-BCD0-4D3E-B090-91D6BD6139C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4C926091-D9A6-4264-8E9A-52AFCBC09D34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.18\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D55D3385-FEE7-44AA-A65A-50924FDC1BFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BD3AD5D9-DD5E-4D31-9F11-94A6147F59A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3FC1CE86-6FD4-44D4-A3E6-D49B9CAAA0B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9F0864E8-E9C5-498D-84F4-4DE02FF4852A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E853B8BF-07F5-46DF-8DEA-302F68B8B086",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "95627941-30D8-452F-B6C8-76D2BEE93514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "364CA0EA-F85E-4C4B-96D8-A7256F413844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "67AB954E-D1F4-4B29-B782-2E9917D82DE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7DA3389C-86FE-45F7-97D7-E3386403944F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "788C1177-EA1F-4C89-B4D2-C3939C45472C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31E7CB8A-17DF-43EB-9BCB-F2E5293C949F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAFE1219-5B88-4A41-B1FA-0E3BA9FDA14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04B97D0B-974E-48E7-A5F1-AB572ACB7829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(5.28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "55F688FD-23D2-473D-A341-32AF4E7FAAAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2185ED62-166C-4F43-ACA2-C1EF43C48D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "785388F5-E76A-4762-B498-35F69CE537AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22E1D918-A52E-4892-9D0D-EE3E21853BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "333BCB8C-5B17-4EF7-9BFF-0F6B038BE38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA8018B5-4392-4D14-A017-80D325FBCB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5.35\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4411AB6B-FC27-45B6-A9D3-45DB64D14357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
"matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C15D1F6-997D-47FD-A654-AEF3332E6105",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2.34\\):*:*:*:*:*:*:*",
"matchCriteriaId": "37D8E4C6-9CF5-40DD-852E-B9623CDBE5B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5990B883-0B5A-44F0-B4DC-8031ED0F2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*",
"matchCriteriaId": "E5A002AD-3EB0-43CB-AFAF-4A44DAF11007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7F417BC-5835-4F29-8DB6-03A62B7B2364",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(4.11\\):*:*:*:*:*:*:*",
"matchCriteriaId": "747A3577-3D68-4F23-B465-5A40035C2246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7DC22FC-55C8-4B87-96BF-BE058E958BB4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*",
"matchCriteriaId": "2BFCE154-6582-49E2-9B9D-641986B7D653",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "563181F6-6A37-496B-AE25-0D03214BA7BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7\\(1.3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E4FDA1C7-3CFC-4DFC-8DE7-ED54636ED1A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "04C8C6E9-D5C3-42DC-B431-9097B2FCCB52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75B5CF41-7F01-4AE9-B54B-8DB6909504B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F995B807-32A2-401F-99D5-FBBA8B69E844",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B64230D9-75E1-40C0-8889-43F1035F5B60",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 before 8.6(1.10), 8.7 before 8.7(1.4), 9.0 before 9.0(1.1), and 9.1 before 9.1(1.2) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCud16590."
},
{
"lang": "es",
"value": "La implementaci\u00f3n de autenticaci\u00f3n de proxy de Cisco Adaptive Security Appliances (ASA) los dispositivos con v7.x antes de 7.2(5.10), v8.0 antes de 8.0(5.31), v8.1 y 8.2 antes de v8.2(5.38), v8.3 antes de v8.3(2.37), v8.4 antes de v8.4(5.3), v8.5 y v8.6 antes de v8.6(1.10), v8.7 antes de v8.7(1.4), v9.0 antes de 9.0(1.1), y v9.1 antes de 9.1(1.2) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de un URL elaborado, CSCud16590 tambi\u00e9n conocido como Bug ID."
}
],
"id": "CVE-2013-1150",
"lastModified": "2024-11-21T01:48:59.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-11T10:55:01.790",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1150"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE0076B-25F9-4A04-93F2-1B283C27882B",
"versionEndExcluding": "9.6.4.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
"versionEndExcluding": "9.8.4.10",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
"versionEndExcluding": "9.9.2.56",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ADA230E4-4D7F-4186-842A-27B3741EE468",
"versionEndExcluding": "9.10.1.30",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7DC67CB-104C-4E29-8E4F-D1E577D36876",
"versionEndExcluding": "9.12.2.5",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
"versionEndExcluding": "6.3.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
"versionEndExcluding": "6.4.0.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the FTP inspection engine of Cisco Adaptive Security (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient validation of FTP data. An attacker could exploit this vulnerability by sending malicious FTP traffic through an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el motor de inspecci\u00f3n FTP del Software Cisco Adaptive Security (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido a una comprobaci\u00f3n insuficiente de los datos de FTP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico FTP malicioso por medio de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
}
],
"id": "CVE-2019-12673",
"lastModified": "2024-11-21T04:23:19.777",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-02T19:15:12.077",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-18 21:17
Modified
2024-11-21 00:38
Severity ?
Summary
Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 7.2 | |
| cisco | pix_500 | * | |
| cisco | pix_500 | * | |
| cisco | adaptive_security_appliance_software | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "407FE280-817B-4164-8E70-32A029448E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:7.1_software:*:*:*:*:*:*",
"matchCriteriaId": "C5BD22EB-5815-41EE-8706-27B60DA88F55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:7.2_software:*:*:*:*:*:*",
"matchCriteriaId": "62710520-B1F2-40B0-9CF8-D196DD578D66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120."
},
{
"lang": "es",
"value": "Cisco PIX y ASA appliances con software 7.1 y 7.2, cuando se configura para sesiones TLS en el dispositivo, permite a atacantes remotos provocar denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de paquetes TLS manipulados, tambi\u00e9n conocido como CSCsg43276 y CSCsh97120."
}
],
"id": "CVE-2007-5569",
"lastModified": "2024-11-21T00:38:12.400",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-18T21:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27193"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26104"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018826"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018827"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3531"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda56.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26104"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018827"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37260"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:17
Severity ?
Summary
Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9952F1BC-68BD-4B32-8707-2A0F185423AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29ADB7E0-9436-4479-B2FF-6241BA6DB4A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F2D2FF90-7A70-464F-A859-1A31F1FF6514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1CD8078B-570C-4449-97D3-B903B19BAEA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "2A70C710-CFC6-4503-B2EC-E50DF38CEC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C0BDBB7B-2CB1-4F93-861D-BD4962527259",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AAF282A0-9335-44FA-9849-C5273B4E519E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "C2064D5C-1068-4889-9EB9-1E92D40D60BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9182D1E9-7F10-4C00-89E9-2142551464DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A7DB5368-63F1-4D55-A9CE-12F307F1CBE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEA2295-5B38-45BC-9099-5A448482FB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "85ED2D96-5CC9-4851-986A-C9ED5E2D96CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AC150564-7413-401A-9DD8-8AD773F1D8F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0714F9E-75AD-4405-BBC3-E0D817C05EF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(5.2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D9649696-DE81-48C7-A276-17E1ECADAD5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\(6.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7EA0DDDD-C987-4DA6-ADEE-77B387C26A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "49696766-ECCE-4903-AA54-271EFEA58B8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D1557499-D1A1-4A26-80DA-A3D66AA53580",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "2649C78C-D742-4E6F-950F-54BF7CF797C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.27\\):*:*:*:*:*:*:*",
"matchCriteriaId": "469CFE0C-6319-46F3-8D31-4850F5E6A830",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4333600F-0277-4D6C-922E-53FA01CF3C2E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(2.49\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35AFDFE9-CCC9-453B-A081-939D1D554379",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "7C82C545-6796-4B67-A97D-0435D41C63C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n de Cisco Adaptive Security Appliances (ASA) para dispositivos de la serie 5500 con software v7.0 anteriores a v7.0(8.11), v7.1 y v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.15), v8.1 anteriores a v8.1(2.44), v8.2 anteriores a v8.2(2.10), y v8.3 anteriores a v8.3(1.1) y Cisco PIX Security Appliances para dispositivos de la serie 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante un mensajes IKE manipulados, tambi\u00e9n conocido como Bug ID CSCte46507."
}
],
"id": "CVE-2010-2817",
"lastModified": "2024-11-21T01:17:26.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:17.627",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/42190"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42190"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-25 17:30
Modified
2024-11-21 01:01
Severity ?
Summary
Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.0\(4\) | |
| cisco | adaptive_security_appliance | 8.1.2 | |
| cisco | adaptive_security_appliance | 8.2.1 | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CBFBF5-966C-48E8-BAFB-DED4E58098F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13BC5744-8EB0-4BE3-A743-E95BCD6E2CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7853F676-A9A4-4980-B698-19C60F4DD71F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN[\u0027process\u0027] to the name of a crafted function, aka Bug ID CSCsy80694."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n \"Eval\" en la funci\u00f3n csco_wrap_js en /+CSCOL+/cte.js en WebVPN en los dispositivos Cisco Adaptive Security Appliances (ASA) con software 8.0(4), 8.1.2, y 8.2.1, permite a atacantes remotos eludir un envoltorio (wrapper) DOM y realizar ataques de secuencias de comandos en sitios cruzados (XSS) configurando el valor CSCO_WebVPN[\u0027process\u0027] con el nombre de la funci\u00f3n modificada, alias Bug ID CSCsy80694."
}
],
"id": "CVE-2009-1201",
"lastModified": "2024-11-21T01:01:53.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-06-25T17:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35511"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/35476"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"source": "cve@mitre.org",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/35476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2009-002.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
"versionEndExcluding": "9.6.4.45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4FADF7-A3CD-44B4-85DF-75F28369B459",
"versionEndExcluding": "6.3.0.6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "754010DE-2C33-4BA1-9567-90C46309B664",
"versionEndExcluding": "6.6.1",
"versionStartIncluding": "6.6.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "445C3154-55F2-4A7B-ABA1-724F3E877920",
"versionEndExcluding": "9.8.4.29",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
"versionEndExcluding": "9.10.1.44",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F71893A1-284B-453E-A9F4-579FAB514E9B",
"versionEndExcluding": "9.12.4.4",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A4148D30-F285-4045-A017-82F5BF074233",
"versionEndExcluding": "9.13.1.13",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BDD8BF1D-E300-461E-99C5-E191BE4173C2",
"versionEndExcluding": "9.14.1.30",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el proceso de negociaci\u00f3n de SSL VPN para Cisco Adaptive Security Appliance (ASA) Software y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS).\u0026#xa0;La vulnerabilidad es debido a una gesti\u00f3n de memoria direct memory access (DMA) ineficiente durante la fase de negociaci\u00f3n de una conexi\u00f3n VPN SSL.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un flujo constante de tr\u00e1fico Datagram TLS (DTLS) dise\u00f1ado a un dispositivo afectado.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante agotar la memoria DMA en el dispositivo y causar una condici\u00f3n de DoS"
}
],
"id": "CVE-2020-3529",
"lastModified": "2024-11-21T05:31:15.557",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:16.967",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-sslvpndma-dos-HRrqB9Yx"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-06 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE0076B-25F9-4A04-93F2-1B283C27882B",
"versionEndExcluding": "9.6.4.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
"versionEndExcluding": "9.8.4.10",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B7269E-E076-497D-8EBD-8B19BCB211FE",
"versionEndExcluding": "9.10.1.30",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1419728-88C1-49C2-B269-5D2353E109D1",
"versionEndExcluding": "9.12.3",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
"versionEndExcluding": "6.3.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
"versionEndExcluding": "6.4.0.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the DHCP module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to incorrect processing of certain DHCP packets. An attacker could exploit this vulnerability by sending a crafted DHCP packet to the affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo DHCP del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) sobre el dispositivo afectado. La vulnerabilidad es debido al procesamiento incorrecto de determinados paquetes DHCP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete DHCP dise\u00f1ado hacia el dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
}
],
"id": "CVE-2020-3306",
"lastModified": "2024-11-21T05:30:46.620",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-06T17:15:13.260",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dos-qk8cTGLz"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-18 21:55
Modified
2024-11-21 01:45
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "788C1177-EA1F-4C89-B4D2-C3939C45472C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31E7CB8A-17DF-43EB-9BCB-F2E5293C949F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "AAFE1219-5B88-4A41-B1FA-0E3BA9FDA14A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "04B97D0B-974E-48E7-A5F1-AB572ACB7829",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2185ED62-166C-4F43-ACA2-C1EF43C48D47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "785388F5-E76A-4762-B498-35F69CE537AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22E1D918-A52E-4892-9D0D-EE3E21853BD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "333BCB8C-5B17-4EF7-9BFF-0F6B038BE38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CA8018B5-4392-4D14-A017-80D325FBCB2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
"matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1C15D1F6-997D-47FD-A654-AEF3332E6105",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5990B883-0B5A-44F0-B4DC-8031ED0F2026",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*",
"matchCriteriaId": "E5A002AD-3EB0-43CB-AFAF-4A44DAF11007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C7F417BC-5835-4F29-8DB6-03A62B7B2364",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_1000v_cloud_firewall:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9182B547-0BCA-4700-8F3E-257EB5D4D4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462."
},
{
"lang": "es",
"value": "Dispositivos Cisco Adaptive Security Appliances (ASA) con firmware v8.x hasta v8.4(1) no gestiona correctamente sesiones SSH, permitiendo a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) establecinedo m\u00faltiples sesiones, tambien conocido como Bug ID CSCtc59462."
}
],
"id": "CVE-2012-5717",
"lastModified": "2024-11-21T01:45:10.223",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-18T21:55:00.900",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-01-11 19:15
Modified
2024-11-21 05:44
Severity ?
8.6 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "713E8185-E75D-4470-9C6A-6021DF154897",
"versionEndIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
"versionEndIncluding": "6.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "21EE9386-0DCF-4F04-A05D-387B83D668D0",
"versionEndExcluding": "6.4.0.13",
"versionStartIncluding": "6.2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "98DEDDAB-B8C5-4753-A208-94638E694FC1",
"versionEndExcluding": "6.7.0.3",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BBCA75A6-0A3E-4393-8884-9F3CE190641E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "371C8F32-C2BB-49E2-A9AB-BEBCDB6709C1",
"versionEndExcluding": "9.8.4.40",
"versionStartIncluding": "9.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9138F19B-2402-4A19-B37E-2EDAE9EFF8EB",
"versionEndExcluding": "9.12.4.26",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DBA21489-FED1-4FA7-B5DA-41ED129D716B",
"versionEndExcluding": "9.14.3",
"versionStartIncluding": "9.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE55D049-D331-45CF-B4CB-9519DCC48241",
"versionEndExcluding": "9.15.1.17",
"versionStartIncluding": "9.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A40C76E7-07C6-4DE4-9B7D-3D9726011AC3",
"versionEndExcluding": "9.16.1.28",
"versionStartIncluding": "9.16",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper input validation when parsing HTTPS requests. An attacker could exploit this vulnerability by sending a malicious HTTPS request to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Adaptive Security Appliance (ASA) y del software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado desencadenar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido a una comprobaci\u00f3n inapropiada de entradas cuando son analizadas las peticiones HTTPS. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de una petici\u00f3n HTTPS maliciosa a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar que el dispositivo se recargue, resultando en una condici\u00f3n de DoS"
}
],
"id": "CVE-2021-1573",
"lastModified": "2024-11-21T05:44:39.157",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-01-11T19:15:07.743",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asafdt-webvpn-dos-KSqJAKPA"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-121"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-06 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94146309-66F7-4349-83CF-7969E13F3A7A",
"versionEndExcluding": "9.6.4.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
"versionEndExcluding": "9.8.4.10",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B7269E-E076-497D-8EBD-8B19BCB211FE",
"versionEndExcluding": "9.10.1.30",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
"versionEndExcluding": "9.12.2.9",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
"versionEndExcluding": "6.3.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
"versionEndExcluding": "6.4.0.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Border Gateway Protocol (BGP) module in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain BGP packets. An attacker could exploit this vulnerability by sending a crafted BGP packet. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del m\u00f3dulo Border Gateway Protocol (BGP) en el Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido al procesamiento incorrecto de determinados paquetes BGP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete BGP dise\u00f1ado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
}
],
"id": "CVE-2020-3305",
"lastModified": "2024-11-21T05:30:46.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-06T17:15:13.197",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-P43GCE5j"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6A7A4A-45A5-4348-AF15-AE070F98577E",
"versionEndExcluding": "9.4.4.37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD6750E-A7C2-4666-BF9E-05DD379CE324",
"versionEndExcluding": "9.6.4.34",
"versionStartIncluding": "9.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0810C0B8-ADF0-4436-A02E-E0F9F3A995D5",
"versionEndExcluding": "9.8.4.7",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3118855-5066-4FB7-B63E-EB694D6E00FA",
"versionEndExcluding": "9.9.2.56",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D22E9AC-8A5B-4616-86C5-396929CB31F4",
"versionEndExcluding": "9.10.1.27",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5706D2C-2710-4E83-892E-00B943E61783",
"versionEndExcluding": "9.12.2.1",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A1910D8-107F-4BD1-90D2-5653AA75F54A",
"versionEndExcluding": "6.2.3.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6FCB433-E565-4B76-AF20-10A7767AAE94",
"versionEndExcluding": "6.3.0.4",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
"versionEndExcluding": "6.4.0.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Session Initiation Protocol (SIP) inspection module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper parsing of SIP messages. An attacker could exploit this vulnerability by sending a malicious SIP packet through an affected device. A successful exploit could allow the attacker to trigger an integer underflow, causing the software to try to read unmapped memory and resulting in a crash."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el m\u00f3dulo de inspecci\u00f3n del Session Initiation Protocol (SIP) del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. La vulnerabilidad es debido al an\u00e1lisis inapropiado de los mensajes SIP. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete SIP malicioso por medio de un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante desencadenar un subdesbordamiento de enteros, haciendo que el software intente leer una memoria no asignada y resultando en un bloqueo."
}
],
"id": "CVE-2019-12678",
"lastModified": "2024-11-21T04:23:20.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-02T19:15:12.390",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ftd-sip-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-191"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-08 21:55
Modified
2024-11-21 02:02
Severity ?
Summary
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340."
},
{
"lang": "es",
"value": "La funcionalidad Identity Firewall (IDFW) en Cisco Adaptative Security Appliance (ASA) permite a atacantes remotos disparar modificaciones de estado de autenticaci\u00f3n a trav\u00e9s de respuestas probe de logout NetBIOS manipuladas, tambien conocido como Bug ID CSCuj45340."
}
],
"id": "CVE-2014-0653",
"lastModified": "2024-11-21T02:02:35.630",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-08T21:55:06.270",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/101834"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/56366"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64708"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029570"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/101834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=32363"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/64708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1029570"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90165"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-11 10:55
Modified
2024-11-21 01:49
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 9.0 | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F995B807-32A2-401F-99D5-FBBA8B69E844",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080."
},
{
"lang": "es",
"value": "Cisco Adaptive Security Appliances (ASA) los dispositivos con software v9.0 antes de v9.0(1,2) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de un campo dise\u00f1ado en un mensaje de DNS, tambi\u00e9n conocido como Bug ID CSCuc80080."
}
],
"id": "CVE-2013-1152",
"lastModified": "2024-11-21T01:49:00.240",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-11T10:55:01.840",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-04-18 18:55
Modified
2024-11-21 01:49
Severity ?
Summary
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | - | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."
},
{
"lang": "es",
"value": "La implementaci\u00f3n ISAKMP en dispositivos Cisco Adaptive Security Appliances (ASA) genera diferentes respuestas de mensajes IKE en aggressive-mode en funci\u00f3n de si se especifican inv\u00e1lidos grupos VPN, lo que permite a atacantes remotos enumerar los grupos a trav\u00e9s de una serie de mensajes, tambi\u00e9n conocido como Bug ID CSCue73708."
}
],
"evaluatorImpact": "Per: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194\r\n\r\n\u0027A vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) implementation in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to enumerate remote access VPN groups configured in a Cisco ASA device.\u0027",
"id": "CVE-2013-1194",
"lastModified": "2024-11-21T01:49:05.457",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-18T18:55:06.937",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-10-02 19:15
Modified
2024-11-21 04:23
Severity ?
Summary
A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FE0076B-25F9-4A04-93F2-1B283C27882B",
"versionEndExcluding": "9.6.4.34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A00CDFC0-36EC-47D4-95C4-BCD33DA49109",
"versionEndExcluding": "9.8.4.8",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3175E6C8-3E7C-4D95-9B4C-EE9BE1E66296",
"versionEndExcluding": "9.9.2.59",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6D22E9AC-8A5B-4616-86C5-396929CB31F4",
"versionEndExcluding": "9.10.1.27",
"versionStartIncluding": "9.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D5706D2C-2710-4E83-892E-00B943E61783",
"versionEndExcluding": "9.12.2.1",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "983CF121-19D2-4FD2-B62A-E9766552CE82",
"versionEndExcluding": "6.3.0.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "17D8647E-1FA8-486E-B150-1EEFE52C31BB",
"versionEndExcluding": "6.4.0.4",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability exists because the affected software improperly parses certain options in OSPF link-state advertisement (LSA) type 11 packets. An attacker could exploit this vulnerability by sending a crafted LSA type 11 OSPF packet to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n de Open Shortest Path First (OSPF) del Software Cisco Adaptive Security Appliance (ASA) y el Software Cisco Firepower Threat Defense (FTD), podr\u00eda permitir a un atacante adyacente no autenticado causar una recarga de un dispositivo afectado, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad se presenta porque el software afectado analiza inapropiadamente ciertas opciones en los paquetes de tipo 11 de link-state advertisement (LSA) de OSPF. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de un paquete OSPF LSA tipo 11 dise\u00f1ado hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante causar una recarga del dispositivo afectado, resultando en una condici\u00f3n DoS para el tr\u00e1fico del cliente que est\u00e1 atravesando el dispositivo."
}
],
"id": "CVE-2019-12676",
"lastModified": "2024-11-21T04:23:20.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-10-02T19:15:12.263",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191002-asa-ospf-lsa-dos"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-04-21 19:15
Modified
2024-11-21 06:43
Severity ?
5.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "05FF8791-FAEC-4E4C-8CF2-8AF41E461E82",
"versionEndIncluding": "9.16.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "86E0342A-7459-4A0E-B046-AB2F1F04D5FA",
"versionEndIncluding": "9.17.1.9",
"versionStartIncluding": "9.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_for_nexus_1000v:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A198A68E-78A8-477F-B6D4-79AAB2C7BE22",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8D80E3B-DD36-45E8-9F7F-38111B7FF5E2",
"versionEndIncluding": "7.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23670904-7E82-4434-A011-2462A56AB56E",
"versionEndIncluding": "7.1.0.1",
"versionStartIncluding": "7.1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:firepower_1010:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7FFE3880-4B85-4E23-9836-70875D5109F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "727A02E8-40A1-4DFE-A3A2-91D628D3044F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F6546E-28F4-40DC-97D6-E0E023FE939B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_1150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB3B0EC3-4654-4D90-9D41-7EC2AD1DDF99",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "52D96810-5F79-4A83-B8CA-D015790FCF72",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16FE2945-4975-4003-AE48-7E134E167A7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2130:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DCE7122A-5AA7-4ECD-B024-E27C9D0CFB7B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_2140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "976901BF-C52C-4F81-956A-711AF8A60140",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4110:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0CBC7F5-7767-43B6-9384-BE143FCDBD7F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4112:-:*:*:*:*:*:*:*",
"matchCriteriaId": "957D64EB-D60E-4775-B9A8-B21CA48ED3B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4115:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A694AD51-9008-4AE6-8240-98B17AB527EE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4120:-:*:*:*:*:*:*:*",
"matchCriteriaId": "38AE6DC0-2B03-4D36-9856-42530312CC46",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4125:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71DCEF22-ED20-4330-8502-EC2DD4C9838F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4140:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB2822B-B752-4CD9-A178-934957E306B4",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4145:-:*:*:*:*:*:*:*",
"matchCriteriaId": "81F4868A-6D62-479C-9C19-F9AABDBB6B24",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_4150:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65378F3A-777C-4AE2-87FB-1E7402F9EA1B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:firepower_9300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "07DAFDDA-718B-4B69-A524-B0CEB80FE960",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the implementation of the Datagram TLS (DTLS) protocol in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause high CPU utilization, resulting in a denial of service (DoS) condition. This vulnerability is due to suboptimal processing that occurs when establishing a DTLS tunnel as part of an AnyConnect SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted DTLS traffic to an affected device. A successful exploit could allow the attacker to exhaust resources on the affected VPN headend device. This could cause existing DTLS tunnels to stop passing traffic and prevent new DTLS tunnels from establishing, resulting in a DoS condition. Note: When the attack traffic stops, the device recovers gracefully."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la implementaci\u00f3n del protocolo Datagram TLS (DTLS) en el software Cisco Adaptive Security Appliance (ASA) y el software Cisco Firepower Threat Defense (FTD) podr\u00eda permitir a un atacante remoto no autenticado causar un alto uso de la CPU, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad es debido al procesamiento sub\u00f3ptimo que es producido cuando es establecido un t\u00fanel DTLS como parte de una conexi\u00f3n VPN SSL AnyConnect. Un atacante podr\u00eda aprovechar esta vulnerabilidad mediante el env\u00edo de un flujo constante de tr\u00e1fico DTLS dise\u00f1ado a un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir al atacante agotar los recursos del dispositivo de encabezado VPN afectado. Esto podr\u00eda causar que los t\u00faneles DTLS existentes dejaran de pasar tr\u00e1fico e impedir que se establecieran nuevos t\u00faneles DTLS, resultando en una condici\u00f3n de DoS. Nota: Cuando el tr\u00e1fico de ataque es detenido, el dispositivo es recuperado con elegancia"
}
],
"id": "CVE-2022-20795",
"lastModified": "2024-11-21T06:43:34.283",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-04-21T19:15:08.740",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vpndtls-dos-TunzLEV"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-03-23 17:15
Modified
2024-11-21 07:40
Severity ?
Summary
A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | * | |
| cisco | firepower_threat_defense | * | |
| cisco | asa_5506-x | - | |
| cisco | asa_5506h-x | - | |
| cisco | asa_5506w-x | - | |
| cisco | asa_5508-x | - | |
| cisco | asa_5516-x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8EFD11F3-D5A7-4733-AEDE-74D1E0B341F9",
"versionEndExcluding": "9.12.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA44C8ED-0EDD-41A0-992A-0200CF1B33CE",
"versionEndExcluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5506-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "763B801D-CA1E-4C56-8B06-3373EA307C7E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5506h-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "30AC6907-3091-409F-967D-64A82A0C5A8C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5506w-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D11AF728-8EB0-45EB-A7DD-F2D52B3BB7B8",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5508-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "92AE506A-E710-465B-B795-470FDE0E0ECA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5516-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1E07AF10-FFB2-4AC7-BBE7-199C3EFED81F",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the deterministic random bit generator (DRBG), also known as pseudorandom number generator (PRNG), in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco ASA 5506-X, ASA 5508-X, and ASA 5516-X Firewalls could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. This vulnerability is due to insufficient entropy in the DRBG for the affected hardware platforms when generating cryptographic keys. An attacker could exploit this vulnerability by generating a large number of cryptographic keys on an affected device and looking for collisions with target devices. A successful exploit could allow the attacker to impersonate an affected target device or to decrypt traffic secured by an affected key that is sent to or from an affected target device."
}
],
"id": "CVE-2023-20107",
"lastModified": "2024-11-21T07:40:33.907",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-03-23T17:15:15.197",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa5500x-entropy-6v9bHVYP"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-332"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-331"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-05-06 17:15
Modified
2024-11-21 05:30
Severity ?
Summary
A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94146309-66F7-4349-83CF-7969E13F3A7A",
"versionEndExcluding": "9.6.4.36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B25DFB28-C8FF-47B8-B619-CDA94ED9AFFF",
"versionEndExcluding": "9.8.4.10",
"versionStartIncluding": "9.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8B7269E-E076-497D-8EBD-8B19BCB211FE",
"versionEndExcluding": "9.10.1.30",
"versionStartIncluding": "9.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2C0F64F2-0DFE-4904-85D6-ECD3D37E7385",
"versionEndExcluding": "9.12.2.9",
"versionStartIncluding": "9.12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B091B9BA-D4CA-435B-8D66-602B45F0E0BD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2B387F62-6341-434D-903F-9B72E7F84ECB",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E6287D95-F564-44B7-A0F9-91396D7C2C4E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "885E5B33-1658-4B86-9B47-D89CA3FA2EF6",
"versionEndExcluding": "6.3.0.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3EDD3A04-6832-4533-8CE6-6083720E8654",
"versionEndExcluding": "6.4.0.6",
"versionStartIncluding": "6.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to improper management of system memory. An attacker could exploit this vulnerability by sending malicious IKEv1 traffic to an affected device. A successful exploit could allow the attacker to cause a DoS condition on the affected device."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la funcionalidad Internet Key Exchange versi\u00f3n 1 (IKEv1) del Cisco Adaptive Security Appliance (ASA) Software y el Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS). La vulnerabilidad es debido a una administraci\u00f3n inapropiada de la memoria del sistema. Un atacante podr\u00eda explotar esta vulnerabilidad mediante el env\u00edo de tr\u00e1fico malicioso IKEv1 hacia un dispositivo afectado. Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante causar una condici\u00f3n DoS sobre el dispositivo afectado."
}
],
"id": "CVE-2020-3303",
"lastModified": "2024-11-21T05:30:46.210",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-06T17:15:13.137",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-dos-BqYFRJt9"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-400"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:17
Severity ?
Summary
Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.0\(2\) | |
| cisco | adaptive_security_appliance | 8.0\(3\) | |
| cisco | adaptive_security_appliance | 8.0\(4\) | |
| cisco | adaptive_security_appliance | 8.0\(5\) | |
| cisco | adaptive_security_appliance | 8.1\(1\) | |
| cisco | adaptive_security_appliance | 8.1\(2\) | |
| cisco | adaptive_security_appliance | 8.2 | |
| cisco | adaptive_security_appliance | 8.2\(1\) | |
| cisco | adaptive_security_appliance | 8.2\(2\) | |
| cisco | adaptive_security_appliance_software | 8.0 | |
| cisco | asa_5500 | * | |
| cisco | asa_5505 | * | |
| cisco | asa_5510 | * | |
| cisco | asa_5520 | * | |
| cisco | asa_5540 | * | |
| cisco | asa_5550 | * | |
| cisco | asa_5580 | * | |
| cisco | pix_500 | * | |
| cisco | pix_501 | * | |
| cisco | pix_506e | * | |
| cisco | pix_firewall_506 | * | |
| cisco | pix_firewall_515 | * | |
| cisco | pix_firewall_520 | * | |
| cisco | pix_firewall_525 | * | |
| cisco | pix_firewall_535 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la caracter\u00edstica de inspecci\u00f3n SIP en Cisco Adaptive Security Appliances (ASA) para dispositivos serie 5500 con software v8.0 anteriores a v8.0(5.17), v8.1 anteriores a v8.1(2.45), y v8.2 anteriores a v8.2(2.13), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante paquetes SIP manipulados, tambi\u00e9n conocido como Bug ID CSCtd32106."
}
],
"id": "CVE-2010-2816",
"lastModified": "2024-11-21T01:17:25.953",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:17.597",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/42189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42189"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-01 18:30
Modified
2024-11-21 01:01
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 5520 | |
| cisco | ios | 7.2\(2\)22 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:5520:*:*:*:*:*:*:*",
"matchCriteriaId": "8A2E92E9-6319-47BF-92B3-41D978CEE6D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:7.2\\(2\\)22:*:*:*:*:*:*:*",
"matchCriteriaId": "92103922-950F-406F-82D7-B637718F7C6B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in +webvpn+/index.html in WebVPN on the Cisco Adaptive Security Appliances (ASA) 5520 with software 7.2(4)30 and earlier 7.2 versions including 7.2(2)22, and 8.0(4)28 and earlier 8.0 versions, when clientless mode is enabled, allows remote attackers to inject arbitrary web script or HTML via the Host HTTP header."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo cross-site scripting (XSS) en archivo +webvpn+/index.html en el WebVPN en los Adaptive Security Appliances (ASA) 5520 de Cisco con el software versiones 7.2(4)30 y anteriores a 7.2 incluyendo 7.2(2)22, y versiones 8.0(4)28 y anteriores a 8.0, cuando el modo clientless est\u00e1 habilitado, permite a los atacantes remotos inyectar script web o HTML arbitrario por medio del encabezado HTTP Host."
}
],
"id": "CVE-2009-1220",
"lastModified": "2024-11-21T01:01:56.503",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-01T18:30:00.610",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0478.html"
},
{
"source": "cve@mitre.org",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=17950"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502313/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/502932"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34307"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022122"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1169"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0478.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=17950"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502313/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/502932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/34307"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1169"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49528"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-25 17:30
Modified
2024-11-21 01:01
Severity ?
Summary
WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.0\(4\) | |
| cisco | adaptive_security_appliance | 8.1.2 | |
| cisco | adaptive_security_appliance | 8.2.1 | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "98CBFBF5-966C-48E8-BAFB-DED4E58098F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "13BC5744-8EB0-4BE3-A743-E95BCD6E2CC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:8.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7853F676-A9A4-4980-B698-19C60F4DD71F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709."
},
{
"lang": "es",
"value": "WebVPN en los dispositivos Cisco Adaptive Security Appliances (ASA) con software 8.0(4), 8.1.2, y 8.2.1 no distingue de manera apropiada su propia pantalla de login de las pantallas de login que produce para servidores (1) FTP and (2) CIFS de terceros, lo que facilita a atacantes remotos enga\u00f1ar a un usuario envi\u00e1ndole credenciales WebVPN para un servidor de su elecci\u00f3n mediante una URL asociada con este servidor, alias Bug ID CSCsy80709."
}
],
"id": "CVE-2009-1203",
"lastModified": "2024-11-21T01:01:54.117",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-06-25T17:30:00.267",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/35511"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/35475"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1713"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35511"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/504516/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/35475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022457"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1713"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-10-21 19:15
Modified
2024-11-21 05:31
Severity ?
Summary
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DDD51404-99D0-45D6-8998-02861FF10108",
"versionEndExcluding": "9.6.4.45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2330600D-6AB1-4912-A595-2AE167853B93",
"versionEndIncluding": "6.2.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9D27DE97-510A-4761-8184-6940745B54E2",
"versionEndExcluding": "6.3.0.6",
"versionStartIncluding": "6.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53C69C8B-5A19-4613-8861-683CF21806B7",
"versionEndExcluding": "6.4.0.10",
"versionStartIncluding": "6.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3ED0E59C-146C-494F-AD46-F6FB43F9C575",
"versionEndExcluding": "6.5.0.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:6.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DCD69468-8067-4A5D-B2B0-EC510D889AA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BC125A5B-3544-4ABF-9A27-2596D717C22A",
"versionEndExcluding": "9.8.4.25",
"versionStartIncluding": "9.8.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E16D2CA3-B494-4348-BF0C-03969D1423D0",
"versionEndExcluding": "9.9.2.80",
"versionStartIncluding": "9.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF8B79C-41E6-4367-8A37-C1A41DA8345E",
"versionEndExcluding": "9.10.1.44",
"versionStartIncluding": "9.10.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D7A573BF-C6E7-4985-9B93-928584F7A986",
"versionEndExcluding": "9.12.4.2",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "00E5D38D-07C2-4543-96B0-7FB9582A37FB",
"versionEndExcluding": "9.13.1.12",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8353B0CD-5C3F-4F18-966B-DB43DA92838E",
"versionEndExcluding": "9.14.1.15",
"versionStartIncluding": "9.14.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition."
},
{
"lang": "es",
"value": "Una vulnerabilidad en la interfaz de servicios web de Cisco Adaptive Security Appliance (ASA) y Cisco Firepower Threat Defense (FTD) Software, podr\u00eda permitir a un atacante remoto no autenticado cargar archivos de tama\u00f1o arbitrario en carpetas espec\u00edficas en un dispositivo afectado, que podr\u00eda conllevar a una recarga inesperada del dispositivo.\u0026#xa0;La vulnerabilidad se presenta porque el software afectado no maneja de manera eficiente la escritura de archivos de gran tama\u00f1o en carpetas espec\u00edficas en el sistema de archivos local.\u0026#xa0;Un atacante podr\u00eda explotar esta vulnerabilidad mediante la carga de archivos en esas carpetas espec\u00edficas.\u0026#xa0;Una explotaci\u00f3n con \u00e9xito podr\u00eda permitir a un atacante escribir un archivo que desencadena un tiempo de espera del watchdog, lo que causar\u00eda la recarga inesperada del dispositivo, causando una condici\u00f3n de denegaci\u00f3n de servicio (DoS)"
}
],
"id": "CVE-2020-3436",
"lastModified": "2024-11-21T05:31:03.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "ykramarz@cisco.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 4.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-10-21T19:15:16.077",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-fileup-dos-zvC7wtys"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-25 12:00
Modified
2024-11-21 01:23
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 8.0\(2\) | |
| cisco | adaptive_security_appliance | 8.0\(3\) | |
| cisco | adaptive_security_appliance | 8.0\(4\) | |
| cisco | adaptive_security_appliance | 8.0\(5\) | |
| cisco | adaptive_security_appliance | 8.1\(1\) | |
| cisco | adaptive_security_appliance | 8.1\(2\) | |
| cisco | adaptive_security_appliance | 8.2 | |
| cisco | adaptive_security_appliance | 8.2\(1\) | |
| cisco | adaptive_security_appliance | 8.2\(2\) | |
| cisco | adaptive_security_appliance | 8.3 | |
| cisco | adaptive_security_appliance_software | 8.0 | |
| cisco | adaptive_security_appliance_software | 8.3\(1\) | |
| cisco | asa_5500 | * | |
| cisco | asa_5505 | * | |
| cisco | asa_5510 | * | |
| cisco | asa_5520 | * | |
| cisco | asa_5540 | * | |
| cisco | asa_5550 | * | |
| cisco | asa_5580 | * | |
| cisco | pix_500 | * | |
| cisco | pix_501 | * | |
| cisco | pix_506e | * | |
| cisco | pix_firewall_506 | * | |
| cisco | pix_firewall_515 | * | |
| cisco | pix_firewall_520 | * | |
| cisco | pix_firewall_525 | * | |
| cisco | pix_firewall_535 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEA2295-5B38-45BC-9099-5A448482FB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.20), 8.1 before 8.1(2.48), 8.2 before 8.2(3), and 8.3 before 8.3(2.1), when the RIP protocol and the Cisco Phone Proxy functionality are configured, allow remote attackers to cause a denial of service (device reload) via a RIP update, aka Bug ID CSCtg66583."
},
{
"lang": "es",
"value": "Dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500 con el software v8.0 anterior a v8.0 (5.20), v8.1 anterior a v8.1 (2.48), v8.2 anterior a v8.2 (3), y v8.3 anterior a v8.3 (2.1), cuando el protocolo RIP y la funcionalidad Cisco Phone est\u00e1n configuradas, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de una actualizaci\u00f3n RIP, tambi\u00e9n conocido como error ID CSCtg66583"
}
],
"id": "CVE-2011-0395",
"lastModified": "2024-11-21T01:23:52.790",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-25T12:00:19.260",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/43488"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/43488"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14d.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1025108"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2011/0493"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65590"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-09-12 23:55
Modified
2024-11-21 01:43
Severity ?
Summary
The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | asa_cx_context-aware_security | * | |
| cisco | prime_security_manager | * | |
| cisco | adaptive_security_appliance | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:asa_cx_context-aware_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "718CFC7B-4DE5-41A2-A8BD-4745B60CC472",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:prime_security_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BDB591F-AB83-4968-BCA7-D5EA7196BDE3",
"versionEndIncluding": "9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603."
},
{
"lang": "es",
"value": "El m\u00f3dulo Cisco ASA-CX Context-Aware Security antes de v9.0.2-103 para dispositivos Adaptive Security Appliances (ASA) y Prime Security Manager (tambi\u00e9n conocidos como PRSM) antes de v9.0.2-103, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de disco y cuelgue de la aplicaci\u00f3n), a trav\u00e9s de paquetes IPv4 que activan entradas de registro. Tambi\u00e9n conocido como Bug ID CSCub70603"
}
],
"id": "CVE-2012-4629",
"lastModified": "2024-11-21T01:43:17.077",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-12T23:55:00.853",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55515"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55515"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-10-27 19:15
Modified
2024-11-21 06:11
Severity ?
4.7 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | firepower_threat_defense | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | adaptive_security_appliance_software | * | |
| cisco | asa_5512-x_firmware | 009.008 | |
| cisco | asa_5512-x_firmware | 009.015 | |
| cisco | asa_5512-x | - | |
| cisco | asa_5505_firmware | 009.008 | |
| cisco | asa_5505_firmware | 009.015 | |
| cisco | asa_5505 | - | |
| cisco | asa_5515-x_firmware | 009.008 | |
| cisco | asa_5515-x_firmware | 009.015 | |
| cisco | asa_5515-x | - | |
| cisco | asa_5525-x_firmware | 009.008 | |
| cisco | asa_5525-x_firmware | 009.015 | |
| cisco | asa_5525-x | - | |
| cisco | asa_5545-x_firmware | 009.008 | |
| cisco | asa_5545-x_firmware | 009.015 | |
| cisco | asa_5545-x | - | |
| cisco | asa_5555-x_firmware | 009.008 | |
| cisco | asa_5555-x_firmware | 009.015 | |
| cisco | asa_5555-x | - | |
| cisco | asa_5580_firmware | 009.008 | |
| cisco | asa_5580_firmware | 009.015 | |
| cisco | asa_5580 | - | |
| cisco | asa_5585-x_firmware | 009.008 | |
| cisco | asa_5585-x_firmware | 009.015 | |
| cisco | asa_5585-x | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8C7F329B-4EF5-411A-9AB6-02E6A4162D6D",
"versionEndExcluding": "9.8.4.40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FAE65CB5-08E5-41B6-9AC0-02451C90E833",
"versionEndExcluding": "6.4.0.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18589C74-19D2-44F0-AF26-68910E26655D",
"versionEndExcluding": "6.6.5",
"versionStartIncluding": "6.5.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDF492B-BC61-4814-B05F-3F6CD07080F7",
"versionEndExcluding": "6.7.0.2",
"versionStartIncluding": "6.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE618915-7057-4229-9672-0BCE77B6F67C",
"versionEndExcluding": "9.12.4.18",
"versionStartIncluding": "9.12.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "185792EB-E12D-4ABD-938F-68EB7F65FA3C",
"versionEndExcluding": "9.14.2.15",
"versionStartIncluding": "9.13.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D6DA106A-A2D9-4F9F-AF9B-88F67A8589FC",
"versionEndExcluding": "9.15.1.15",
"versionStartIncluding": "9.15.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "1C8EAF9E-15BB-4565-A131-B0B3F9E98B50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5512-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "D81100E4-D5B3-4953-9EB3-A4335A96B0FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5512-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "08F0F160-DAD2-48D4-B7B2-4818B2526F35",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "446D3F11-4E33-417E-8BC5-A0ADA2336748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5505_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "EF62190B-96EE-4295-BF8B-5A8F65876979",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5505:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8E6A8BB7-2000-4CA2-9DD7-89573CE4C73A",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "649BB8A1-7665-4312-9D34-8823CD8031B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5515-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "2008D416-C0D8-41DB-9088-553665643A4D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5515-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "977D597B-F6DE-4438-AB02-06BE64D71EBE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "6D4DC944-D1C0-400F-92A2-852BED71210C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5525-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "1CB81E9A-3CFF-406A-83D3-A62A650D1583",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5525-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB71EB29-0115-4307-A9F7-262394FD9FB0",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "2F1951B0-E631-475B-9AC2-DD3EFC842D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5545-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "D5054127-B933-4FBB-87D9-F90168ADE8A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5545-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57179F60-E330-4FF0-9664-B1E4637FF210",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "5FCA70F5-B62E-449E-BFB5-FE52039A43CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5555-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "603C4110-1A74-4698-9882-F23FF05803BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5555-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5535C936-391B-4619-AA03-B35265FC15D7",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B105A6-008E-46E4-8789-C718962C1F46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5580_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "5FB5240E-52F4-4A1E-8B5B-25A6446A2BF9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5580:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D1E828B8-5ECC-4A09-B2AD-DEDC558713DE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.008:*:*:*:*:*:*:*",
"matchCriteriaId": "C662CBD3-FA7F-4BD4-8867-9796B38926A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:asa_5585-x_firmware:009.015:*:*:*:*:*:*:*",
"matchCriteriaId": "1234B4DC-4C8E-48B5-BD05-01843C8083D5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5585-x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16AE20C2-C77E-4E04-BF13-A48696E52426",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG. For more information about these vulnerabilities, see the Details section of this advisory. Note: These vulnerabilities have been publicly discussed as NAT Slipstreaming."
},
{
"lang": "es",
"value": "Varias vulnerabilidades en la Puerta de Enlace de Nivel de Aplicaci\u00f3n (ALG) para la funcionalidad Network Address Translation (NAT) del software Cisco Adaptive Security Appliance (ASA) y el software Firepower Threat Defense (FTD) podr\u00edan permitir a un atacante remoto no autenticado omitir la ALG y abrir conexiones no autorizadas con un host situado detr\u00e1s de la ALG. Para conseguir m\u00e1s informaci\u00f3n sobre estas vulnerabilidades, consulte la secci\u00f3n Detalles de este aviso. Nota: Estas vulnerabilidades se han discutido p\u00fablicamente como NAT Slipstreaming"
}
],
"id": "CVE-2021-34791",
"lastModified": "2024-11-21T06:11:12.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-10-27T19:15:08.457",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-358"
}
],
"source": "ykramarz@cisco.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-06-26 19:55
Modified
2024-11-21 01:53
Severity ?
Summary
The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance | 9.1.1 | |
| cisco | adaptive_security_appliance | 9.1.1.1 | |
| cisco | adaptive_security_appliance | 9.1.1.2 | |
| cisco | adaptive_security_appliance | 9.1.1.3 | |
| cisco | adaptive_security_appliance | 9.1.1.4 | |
| cisco | adaptive_security_appliance | 9.1.1.5 | |
| cisco | adaptive_security_appliance | 9.1.1.6 | |
| cisco | adaptive_security_appliance | 9.1.1.7 | |
| cisco | adaptive_security_appliance | 9.1.1.8 | |
| cisco | adaptive_security_appliance | 9.1.2 | |
| cisco | adaptive_security_appliance | 9.1.2.1 | |
| cisco | adaptive_security_appliance | 9.1.2.2 | |
| cisco | adaptive_security_appliance | 9.1.2.3 | |
| cisco | adaptive_security_appliance | 9.1.2.4 | |
| cisco | adaptive_security_appliance | 9.1.2.5 | |
| cisco | adaptive_security_appliance | 9.1.2.6 | |
| cisco | adaptive_security_appliance | 9.1.2.7 | |
| cisco | adaptive_security_appliance | 9.1.2.8 | |
| cisco | adaptive_security_appliance | 9.1.2.9 | |
| cisco | adaptive_security_appliance | 9.1.2.10 | |
| cisco | adaptive_security_appliance | 9.1.2.11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B0E6A878-C55F-4A49-A857-64F3B2CBDA60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "534EEEA2-A942-4CD7-8120-48E97158F8AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C8102F30-57AA-4A10-AF4A-1A8F37B79739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6D3765C-D0FF-47A3-967B-489289DB832F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FFBCF112-ED3A-4DC7-B168-7AE7BF4F91EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D5124810-EEEE-4057-8E59-6E6232682DC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "77862410-47B9-466B-9212-E91C1F061034",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4E1EB13C-B158-4D12-AD19-7412F121B366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "2EDB6F7F-5A7E-4D8E-9680-28EEA6D1B786",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D94A2FD5-F893-4A27-8FB0-23122DB38B52",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7483083A-04F3-400B-9205-76B842B99183",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "02C3B25E-F578-419A-A9BB-7B34F1C92C12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "06019610-E5C2-472D-A5A0-F7F625499F0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0105E462-0D0F-417A-962E-80B54A6EE9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "082651C1-1483-4A43-8702-605C37BEB851",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "24D5F222-7546-4103-98C7-6A803E417940",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B267AB87-29A4-4E81-8672-858B0D5AABDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "ED56B958-44F9-4D23-BA27-5C161E34774E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "DC4CDCC6-28E6-4A4F-B5EC-6DA5C10EEF84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E9596E9A-0594-44C9-9FF8-0A6820D3B98C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:9.1.2.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D3CCE47A-19B7-4671-9430-78F1BFC0625B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Next-Generation Firewall (aka NGFW, formerly CX Context-Aware Security) module 9.x before 9.1.1.9 and 9.1.2.x before 9.1.2.12 for Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload or traffic-processing outage) via fragmented (1) IPv4 or (2) IPv6 traffic, aka Bug ID CSCue88387."
},
{
"lang": "es",
"value": "El m\u00f3dulo Next-Generation Firewall (aka NGFW, conocido como CX Context-Aware Security) 9.x anterior a 9.1.1.9 y 9.1.2.x anterior a 9.1.2.12 para dispositivos Cisco Adaptive Security Appliances (ASA), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga de dispositivo o apagado del procesamiento de tr\u00e1fico) a trav\u00e9s de tr\u00e1fico (1) IPv4 o (2) IPv6 fragmentado. Aka Bug ID CSCue88387."
}
],
"id": "CVE-2013-3382",
"lastModified": "2024-11-21T01:53:31.507",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-26T19:55:01.103",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-ngfw"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:14
Severity ?
Summary
Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la caracter\u00edstica de inspecci\u00f3n SunRPC en dispositivos Cisco Adaptive Security Appliances (ASA) serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.19), v8.1 anteriores a v8.1(2.47), y v8.2 anteriores a v8.2(2) y Cisco PIX Security Appliances 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante un mensajes SunRPC manipulados, tambi\u00e9n conocido como Bug ID CSCtc85753."
}
],
"id": "CVE-2010-1580",
"lastModified": "2024-11-21T01:14:43.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:16.207",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-18 21:55
Modified
2024-11-21 01:46
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | 8.4 | |
| cisco | adaptive_security_appliance | * | |
| cisco | asa_1000v_cloud_firewall | - | |
| cisco | asa_5500 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_1000v_cloud_firewall:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9182B547-0BCA-4700-8F3E-257EB5D4D4F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775."
},
{
"lang": "es",
"value": "Dispositivos Cisco Adaptive Security Appliances (ASA) con firmware v8.4 no valida correctamente entradas no especificadas relacionados con los nombres de ruta UNC, permitiendo a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) a trav\u00e9s de vectores desconocidos, ID de error alias CSCuc65775."
}
],
"id": "CVE-2012-6395",
"lastModified": "2024-11-21T01:46:05.030",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-01-18T21:55:01.073",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/51955"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1028009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51955"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1028009"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-08-09 11:58
Modified
2024-11-21 01:14
Severity ?
Summary
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "06688558-3990-4907-9969-B1462ED82DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F5291408-8B29-48F4-9579-E7130382850F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE2BB254-1F22-4445-9A20-45881240C1F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "81B53285-7486-47E0-8447-44ECA57A392C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E0D62E55-845B-49DD-93AA-9D8E7B755F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "33E6756C-407E-4236-85A1-953F9FF6799A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "825E3056-F420-476D-957E-A22B164BD0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC516FF2-7C0D-4F58-B61B-34FE7294DC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BDD95F2F-1C0E-4673-AE36-1BAF40EC7CC0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A904D03-264C-4B01-B2B6-12455106B37D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "74826084-14BB-47C4-9EE3-56C3CF206724",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CFA73BA5-D1C5-4561-86F1-5B37C64374E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CDEA2295-5B38-45BC-9099-5A448482FB59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FE82E4AC-BE77-4A45-839F-45163D64A4C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*",
"matchCriteriaId": "B521F270-2D51-48BE-BC29-0EDED33FA30B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*",
"matchCriteriaId": "39BA51CC-2ADA-4527-8D47-D821BBFA5EFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9C73F417-0CF4-4E78-9B33-939F0E41994E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*",
"matchCriteriaId": "67BABA2F-EE28-4914-8130-6768EC599B65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C912270C-6ABB-4149-8E67-96028B45C312",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*",
"matchCriteriaId": "EB2631B6-F238-4FE3-AA34-703FFB6D6803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*",
"matchCriteriaId": "80F1C112-F1C1-4703-8EE0-2FC9F8B233CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CC223DE2-90CA-43CD-8EBF-C9C351D10187",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*",
"matchCriteriaId": "46FB0E87-E81A-4DF8-8A01-0D0727949D87",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CCFC8F36-ABFD-429F-AC2C-60BB481EECB9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1BBFC985-514D-477B-B881-BB8ABEDFA59B",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*",
"matchCriteriaId": "193CF237-BBE5-4016-8167-24808FA52CBD",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*",
"matchCriteriaId": "427C9F27-ACE4-416B-9723-2AEECF9AB9CF",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5F5BF0-E96E-4FD3-B210-1E0F96AF4249",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*",
"matchCriteriaId": "01B0A1E7-F882-4FD8-811A-3D6D0A9FC938",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2F353E8D-FE19-4683-BD35-FFBF503C45DE",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E346F334-9BA3-4BDC-8D0F-D749A7D76E66",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EE5C14-F556-48A5-BB3F-5465DC823B85",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*",
"matchCriteriaId": "32E437F4-1B19-4B57-9EAD-3AC04717E389",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*",
"matchCriteriaId": "29B2019F-DF6E-4924-B0D2-37094B5265F9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9600B7CF-4AEB-4319-8EF4-4FEA40EF6367",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n de Transport Layer Security (TLS) en Cisco Adaptive Security Appliances (ASA) para dispositivos de la serie 5500 con software v7.2 anteriores a v7.2(5), v8.0 anteriores a v8.0(5.15), v8.1 anteriores a v8.1(2.44), v8.2 anteriores a v8.2(2.17), y v8.3 anteriores a v8.3(1.6) y Cisco PIX Security Appliances para dispositivos de la serie 500, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) mediante secuencias de paquetes TLS manipulados, tambi\u00e9n conocido como Bug ID CSCtd32627."
}
],
"id": "CVE-2010-1581",
"lastModified": "2024-11-21T01:14:43.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-08-09T11:58:16.253",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/42187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/40842"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/42187"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}