FKIE_CVE-2012-5717

Vulnerability from fkie_nvd - Published: 2013-01-18 21:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717Vendor Advisory
Impacted products
Vendor Product Version
cisco adaptive_security_appliance_software 8.0
cisco adaptive_security_appliance_software 8.0\(2\)
cisco adaptive_security_appliance_software 8.0\(3\)
cisco adaptive_security_appliance_software 8.0\(4\)
cisco adaptive_security_appliance_software 8.0\(5\)
cisco adaptive_security_appliance_software 8.0.2
cisco adaptive_security_appliance_software 8.0.3
cisco adaptive_security_appliance_software 8.0.4
cisco adaptive_security_appliance_software 8.0.5
cisco adaptive_security_appliance_software 8.1
cisco adaptive_security_appliance_software 8.2
cisco adaptive_security_appliance_software 8.2\(1\)
cisco adaptive_security_appliance_software 8.2\(2\)
cisco adaptive_security_appliance_software 8.2\(3\)
cisco adaptive_security_appliance_software 8.2\(3.9\)
cisco adaptive_security_appliance_software 8.2\(4\)
cisco adaptive_security_appliance_software 8.2\(4.1\)
cisco adaptive_security_appliance_software 8.2\(4.4\)
cisco adaptive_security_appliance_software 8.2\(5\)
cisco adaptive_security_appliance_software 8.2.1
cisco adaptive_security_appliance_software 8.2.2
cisco adaptive_security_appliance_software 8.2.2
cisco adaptive_security_appliance_software 8.2.3
cisco adaptive_security_appliance_software 8.3\(1\)
cisco adaptive_security_appliance_software 8.3\(2\)
cisco adaptive_security_appliance_software 8.3.1
cisco adaptive_security_appliance_software 8.3.1
cisco adaptive_security_appliance_software 8.3.2
cisco adaptive_security_appliance_software 8.4
cisco adaptive_security_appliance_software 8.4\(1\)
cisco adaptive_security_appliance *
cisco asa_1000v_cloud_firewall -
cisco asa_5500 *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "788C1177-EA1F-4C89-B4D2-C3939C45472C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "31E7CB8A-17DF-43EB-9BCB-F2E5293C949F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AAFE1219-5B88-4A41-B1FA-0E3BA9FDA14A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "04B97D0B-974E-48E7-A5F1-AB572ACB7829",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2185ED62-166C-4F43-ACA2-C1EF43C48D47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "785388F5-E76A-4762-B498-35F69CE537AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "22E1D918-A52E-4892-9D0D-EE3E21853BD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "333BCB8C-5B17-4EF7-9BFF-0F6B038BE38F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CA8018B5-4392-4D14-A017-80D325FBCB2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
              "matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C15D1F6-997D-47FD-A654-AEF3332E6105",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5990B883-0B5A-44F0-B4DC-8031ED0F2026",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*",
              "matchCriteriaId": "E5A002AD-3EB0-43CB-AFAF-4A44DAF11007",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7F417BC-5835-4F29-8DB6-03A62B7B2364",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_1000v_cloud_firewall:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9182B547-0BCA-4700-8F3E-257EB5D4D4F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliances (ASA) devices with firmware 8.x through 8.4(1) do not properly manage SSH sessions, which allows remote authenticated users to cause a denial of service (device crash) by establishing multiple sessions, aka Bug ID CSCtc59462."
    },
    {
      "lang": "es",
      "value": "Dispositivos Cisco Adaptive Security Appliances (ASA) con firmware v8.x hasta v8.4(1) no gestiona correctamente sesiones SSH, permitiendo a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (ca\u00edda de dispositivo) establecinedo m\u00faltiples sesiones, tambien conocido como Bug ID CSCtc59462."
    }
  ],
  "id": "CVE-2012-5717",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-01-18T21:55:00.900",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5717"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.