FKIE_CVE-2010-0151

Vulnerability from fkie_nvd - Published: 2010-02-19 17:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message.
References
psirt@cisco.comhttp://osvdb.org/62432
psirt@cisco.comhttp://secunia.com/advisories/38621Vendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtmlPatch, Vendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/38274
psirt@cisco.comhttp://www.securitytracker.com/id?1023609
psirt@cisco.comhttp://www.vupen.com/english/advisories/2010/0418
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/56333
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/62432
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38621Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/38274
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1023609
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0418
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/56333
Impacted products
Vendor Product Version
cisco firewall_services_module 4.0
cisco firewall_services_module 4.0\(4\)
cisco firewall_services_module 4.0\(6\)
cisco 5500_series_adaptive_security_appliance *
cisco 5505_series_adaptive_security_appliance *
cisco 5510_series_adaptive_security_appliance *
cisco 5520_series_adaptive_security_appliance *
cisco 5540_series_adaptive_security_appliance *
cisco 5550_series_adaptive_security_appliance *
cisco 5580_series_adaptive_security_appliance *
cisco asa_5500 *
cisco catalyst_6500 *
cisco catalyst_7600 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "26535762-EE50-4C4F-831E-A0ABFF4ADAF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "ADDB8F07-38B4-498D-9455-9414B69A0626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "5113E779-7205-4761-9B5D-E6B254F48F49",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5505_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE68D7A3-E7A5-4739-8808-2B5FB61F9CED",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5510_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "38121FAF-1F69-415A-A62D-DBEE90729F01",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5520_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D94FFC7A-43F7-4292-864B-56CC978375AF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5540_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BC7F46C-AADA-4D82-AA3C-28563A41FCCB",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5550_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A592194-AF27-493F-8200-DFB8EAB6BCE8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:5580_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1952453-31B6-4FDD-955B-C46C065EB81B",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8D63186-5834-448C-98F2-0C189A11D25D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message."
    },
    {
      "lang": "es",
      "value": "El Cisco Firewall Services Module (FWSM) v4.0 anterior a v4.0(8), que se utiliza en los switches Cisco Catalyst 6500, routers Cisco 7600 y ASA 5500 Adaptive Security Appliances, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue) a trav\u00e9s de mensajes malformados del Skinny Client Control Protocol (SCCP)."
    }
  ],
  "evaluatorImpact": "Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml\r\n\r\n\"All non-fixed 4.x versions of Cisco FWSM Software are affected by this vulnerability if SCCP inspection is enabled. SCCP inspection is enabled by default.\"",
  "id": "CVE-2010-0151",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-02-19T17:30:00.787",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://osvdb.org/62432"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38621"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/38274"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1023609"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2010/0418"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/62432"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/38621"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/38274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1023609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0418"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56333"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.