cve-2010-4679
Vulnerability from cvelistv5
Published
2011-01-07 11:00
Modified
2024-08-07 03:51
Severity ?
EPSS score ?
Summary
Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:51:18.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1024963",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1024963"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
},
{
"name": "45767",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/45767"
},
{
"name": "42931",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42931"
},
{
"name": "asa-ocsp-dos(64605)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-09-30T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1024963",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1024963"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
},
{
"name": "45767",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/45767"
},
{
"name": "42931",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42931"
},
{
"name": "asa-ocsp-dos(64605)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64605"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1024963",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1024963"
},
{
"name": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf",
"refsource": "CONFIRM",
"url": "http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf"
},
{
"name": "45767",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/45767"
},
{
"name": "42931",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42931"
},
{
"name": "asa-ocsp-dos(64605)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64605"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4679",
"datePublished": "2011-01-07T11:00:00",
"dateReserved": "2011-01-06T00:00:00",
"dateUpdated": "2024-08-07T03:51:18.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"8.2\\\\(2\\\\)\", \"matchCriteriaId\": \"808F70E1-4528-47A1-8DA8-CB90D8A166B6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85ED2D96-5CC9-4851-986A-C9ED5E2D96CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(0\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"15ECB359-7290-4732-96F2-AFCEE21C7899\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3DA2F01C-ECF1-477B-A413-75D0EB817079\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(4\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC150564-7413-401A-9DD8-8AD773F1D8F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D0714F9E-75AD-4405-BBC3-E0D817C05EF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(5.2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D9649696-DE81-48C7-A276-17E1ECADAD5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(6.7\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7632C245-04C6-4E78-87B7-55CCCA6FD6C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EA0DDDD-C987-4DA6-ADEE-77B387C26A92\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E84099EB-2535-4A9F-8355-FF937CFBD122\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C599F894-DAD2-4231-8BB8-1427E7C02D60\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"49696766-ECCE-4903-AA54-271EFEA58B8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C1F60C12-71C9-47C6-B43F-A0374419D736\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C853CD9-F451-406E-A515-3BDC34E55639\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD7C28DC-B15F-486B-96F1-D08529B7374A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B03A1408-A55A-4482-B239-B13094B13BFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*\", \"matchCriteriaId\": \"62DC7025-F067-45CB-BEA6-ED16A5BD2896\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1557499-D1A1-4A26-80DA-A3D66AA53580\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2649C78C-D742-4E6F-950F-54BF7CF797C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.27\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"469CFE0C-6319-46F3-8D31-4850F5E6A830\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.48\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4333600F-0277-4D6C-922E-53FA01CF3C2E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.49\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"35AFDFE9-CCC9-453B-A081-939D1D554379\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C82C545-6796-4B67-A97D-0435D41C63C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AA336EBF-FA9A-4B80-A486-446A1C4B72F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B53107-BCD0-4D3E-B090-91D6BD6139C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C926091-D9A6-4264-8E9A-52AFCBC09D34\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FE82E4AC-BE77-4A45-839F-45163D64A4C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(1.22\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.7\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B521F270-2D51-48BE-BC29-0EDED33FA30B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.8\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39BA51CC-2ADA-4527-8D47-D821BBFA5EFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.10\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C73F417-0CF4-4E78-9B33-939F0E41994E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.14\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67BABA2F-EE28-4914-8130-6768EC599B65\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.15\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C912270C-6ABB-4149-8E67-96028B45C312\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.16\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB2631B6-F238-4FE3-AA34-703FFB6D6803\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.17\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F1C112-F1C1-4703-8EE0-2FC9F8B233CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.18\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D55D3385-FEE7-44AA-A65A-50924FDC1BFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.19\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC223DE2-90CA-43CD-8EBF-C9C351D10187\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.48\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E853B8BF-07F5-46DF-8DEA-302F68B8B086\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"95627941-30D8-452F-B6C8-76D2BEE93514\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"364CA0EA-F85E-4C4B-96D8-A7256F413844\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"67AB954E-D1F4-4B29-B782-2E9917D82DE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DA3389C-86FE-45F7-97D7-E3386403944F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"656D49C2-4F2E-4369-8933-FF74A3CD51EF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C68E73D6-A207-4276-A972-52B859CD958A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E406214-2776-42C2-B777-92E6420FBFBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\\\(1\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73BA05D1-78A7-4F90-9448-3F2011EE3EF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8F2C8AFA-A4B6-44A2-B00C-1950997493C0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"465313C5-BFB9-458A-8150-8F7BA1F8C386\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*\", \"matchCriteriaId\": \"9C808D46-C846-4C53-A713-150C3FED3FAB\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CB79D96-75EA-4B4F-99A7-9AB4158B7301\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6FCBA3A3-7C8F-481A-9BEC-78981547F8BE\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.\"}, {\"lang\": \"es\", \"value\": \"Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no manejan apropiadamente los fallos de conexi\\u00f3n de OCSP (\\\"Online Certificate Status Protocol\\\"), lo que permite a los emisarios de respuestas OCSP provocar una denegaci\\u00f3n de servicio (consumo de todos los sockets TCP) rechazando intentos de conexi\\u00f3n. Tambi\\u00e9n conocido como Bug ID CSCsz36816.\"}]",
"id": "CVE-2010-4679",
"lastModified": "2024-11-21T01:21:30.190",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2011-01-07T12:00:50.233",
"references": "[{\"url\": \"http://secunia.com/advisories/42931\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/45767\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1024963\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/64605\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/42931\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/45767\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1024963\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/64605\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2010-4679\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2011-01-07T12:00:50.233\",\"lastModified\":\"2024-11-21T01:21:30.190\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816.\"},{\"lang\":\"es\",\"value\":\"Los dispositivos Cisco Adaptive Security Appliances (ASA) 5500 series con software anterior a 8.2(3) no manejan apropiadamente los fallos de conexi\u00f3n de OCSP (\\\"Online Certificate Status Protocol\\\"), lo que permite a los emisarios de respuestas OCSP provocar una denegaci\u00f3n de servicio (consumo de todos los sockets TCP) rechazando intentos de conexi\u00f3n. Tambi\u00e9n conocido como Bug ID CSCsz36816.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"8.2\\\\(2\\\\)\",\"matchCriteriaId\":\"808F70E1-4528-47A1-8DA8-CB90D8A166B6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85ED2D96-5CC9-4851-986A-C9ED5E2D96CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(0\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"15ECB359-7290-4732-96F2-AFCEE21C7899\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3DA2F01C-ECF1-477B-A413-75D0EB817079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(4\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC150564-7413-401A-9DD8-8AD773F1D8F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0714F9E-75AD-4405-BBC3-E0D817C05EF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(5.2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9649696-DE81-48C7-A276-17E1ECADAD5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0\\\\(6.7\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F31A44B7-7DD8-4ECF-9BA0-7D1983A2DB09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7632C245-04C6-4E78-87B7-55CCCA6FD6C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EA0DDDD-C987-4DA6-ADEE-77B387C26A92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E84099EB-2535-4A9F-8355-FF937CFBD122\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C599F894-DAD2-4231-8BB8-1427E7C02D60\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.4.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49696766-ECCE-4903-AA54-271EFEA58B8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1F60C12-71C9-47C6-B43F-A0374419D736\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C853CD9-F451-406E-A515-3BDC34E55639\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD7C28DC-B15F-486B-96F1-D08529B7374A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B03A1408-A55A-4482-B239-B13094B13BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0.8:interim:*:*:*:*:*:*\",\"matchCriteriaId\":\"62DC7025-F067-45CB-BEA6-ED16A5BD2896\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E623855-FB2B-4B8A-85E8-B8DC29A3FBB0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1557499-D1A1-4A26-80DA-A3D66AA53580\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2649C78C-D742-4E6F-950F-54BF7CF797C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.27\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"469CFE0C-6319-46F3-8D31-4850F5E6A830\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.48\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4333600F-0277-4D6C-922E-53FA01CF3C2E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(2.49\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35AFDFE9-CCC9-453B-A081-939D1D554379\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C82C545-6796-4B67-A97D-0435D41C63C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AA336EBF-FA9A-4B80-A486-446A1C4B72F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B53107-BCD0-4D3E-B090-91D6BD6139C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C926091-D9A6-4264-8E9A-52AFCBC09D34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE82E4AC-BE77-4A45-839F-45163D64A4C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(1.22\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B84E46E-E5CA-4EEC-87C3-FD818EA37DFE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95B934A6-6C23-4A3F-A5F1-BCE0F0F3295A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B25C03A-CADD-4B10-B4C9-674A4DEBDEE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.7\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B521F270-2D51-48BE-BC29-0EDED33FA30B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.8\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39BA51CC-2ADA-4527-8D47-D821BBFA5EFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.10\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C73F417-0CF4-4E78-9B33-939F0E41994E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.14\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67BABA2F-EE28-4914-8130-6768EC599B65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.15\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C912270C-6ABB-4149-8E67-96028B45C312\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.16\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB2631B6-F238-4FE3-AA34-703FFB6D6803\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.17\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F1C112-F1C1-4703-8EE0-2FC9F8B233CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.18\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55D3385-FEE7-44AA-A65A-50924FDC1BFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.19\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC223DE2-90CA-43CD-8EBF-C9C351D10187\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2\\\\(2.48\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3DF7D4C-48F4-4138-80EA-7AEEB8AFE498\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E853B8BF-07F5-46DF-8DEA-302F68B8B086\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"95627941-30D8-452F-B6C8-76D2BEE93514\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"364CA0EA-F85E-4C4B-96D8-A7256F413844\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"67AB954E-D1F4-4B29-B782-2E9917D82DE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DA3389C-86FE-45F7-97D7-E3386403944F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"656D49C2-4F2E-4369-8933-FF74A3CD51EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C68E73D6-A207-4276-A972-52B859CD958A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E406214-2776-42C2-B777-92E6420FBFBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\\\(1\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73BA05D1-78A7-4F90-9448-3F2011EE3EF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F2C8AFA-A4B6-44A2-B00C-1950997493C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"465313C5-BFB9-458A-8150-8F7BA1F8C386\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C808D46-C846-4C53-A713-150C3FED3FAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CB79D96-75EA-4B4F-99A7-9AB4158B7301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FCBA3A3-7C8F-481A-9BEC-78981547F8BE\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/42931\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/45767\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1024963\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64605\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/42931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/45767\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1024963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/64605\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.