FKIE_CVE-2013-1155

Vulnerability from fkie_nvd - Published: 2013-04-11 10:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.
References
psirt@cisco.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsmVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsmVendor Advisory
Impacted products
Vendor Product Version
cisco firewall_services_module_software 3.1
cisco firewall_services_module_software 3.2
cisco firewall_services_module_software 3.2\(1\)
cisco firewall_services_module_software 3.2\(2\)
cisco firewall_services_module_software 3.2\(3\)
cisco firewall_services_module_software 3.2\(4\)
cisco firewall_services_module_software 3.2\(5\)
cisco firewall_services_module_software 3.2\(6\)
cisco firewall_services_module_software 3.2\(7\)
cisco firewall_services_module_software 3.2\(8\)
cisco firewall_services_module_software 3.2\(9\)
cisco firewall_services_module_software 3.2\(10\)
cisco firewall_services_module_software 3.2\(11\)
cisco firewall_services_module_software 3.2\(12\)
cisco firewall_services_module_software 3.2\(13\)
cisco firewall_services_module_software 3.2\(14\)
cisco firewall_services_module_software 3.2\(15\)
cisco firewall_services_module_software 3.2\(16\)
cisco firewall_services_module_software 3.2\(17\)
cisco firewall_services_module_software 3.2\(18\)
cisco firewall_services_module_software 3.2\(19\)
cisco firewall_services_module_software 3.2\(20\)
cisco firewall_services_module_software 4.0
cisco firewall_services_module_software 4.0\(1\)
cisco firewall_services_module_software 4.0\(2\)
cisco firewall_services_module_software 4.0\(3\)
cisco firewall_services_module_software 4.0\(4\)
cisco firewall_services_module_software 4.0\(5\)
cisco firewall_services_module_software 4.0\(6\)
cisco firewall_services_module_software 4.0\(7\)
cisco firewall_services_module_software 4.0\(8\)
cisco firewall_services_module_software 4.0\(10\)
cisco firewall_services_module_software 4.0\(11\)
cisco firewall_services_module_software 4.0\(12\)
cisco firewall_services_module_software 4.0\(13\)
cisco firewall_services_module_software 4.0\(14\)
cisco firewall_services_module_software 4.0\(15\)
cisco firewall_services_module_software 4.1
cisco firewall_services_module_software 4.1\(1\)
cisco firewall_services_module_software 4.1\(2\)
cisco firewall_services_module_software 4.1\(3\)
cisco firewall_services_module_software 4.1\(4\)
cisco firewall_services_module_software 4.1\(5\)
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1D05BC0-BC8F-4598-B472-77FF7EE0AA09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62AD07-006D-4AD6-A8E9-68EB3D930700",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F425EA4-40A6-4FD7-B2C4-150A4517AD55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B7304563-4DC9-4A0E-9AB5-DC852F58FAA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "774D4F68-8331-4160-8DEB-6606D1739BCA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "21E72AE6-BB0C-44E8-AA28-CE19C5551725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A71325A3-E02C-47EC-A9F3-86998B4C54CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2BE5DE70-5D5A-4221-8E17-CABBDD990283",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FB9669-5D07-48CC-AB64-C82E058A2AA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A8BF33E0-6C8C-4921-A5E3-0AFD92130180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(9\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "00F3EBCC-F77B-49FE-9894-BD03936935CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "2017BA46-5824-4B39-B547-CBD80B245A52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "9D43ED9B-2910-4391-9370-ED622648DB68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DD4127BD-DC08-4352-810B-752C849AA49C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(13\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E1D53FAA-401B-4530-BB75-A0D2F0CBD9F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "D2009145-F6C0-4275-A56E-E31006709A6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(15\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "481B5609-CA88-4E8A-AC84-17CCA2D81D34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(16\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3F11F12F-96AC-4A1D-B995-B0E020F2574C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(17\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C32B7601-AA90-421B-80F4-CC11CE390563",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(18\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "789FE084-1D9B-4779-AF61-0FDE97D2DC0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(19\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E93E5289-2866-4251-859C-A33B877E8EE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:3.2\\(20\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "965D54CB-A558-4140-83D6-3BAD9A38FE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0A0377-13AC-4834-A266-AFCAC9FE2938",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "404B0B52-90EA-4E5D-B43C-1FE8144EAFDE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "B2C62050-0BD8-45B5-B7E6-CEF4426EEF43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3D30BED1-091A-46FB-A274-1778F1025849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "E37188FD-7BAE-447A-83A4-C644AE2B4B3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "CF89057D-7C5F-428D-A15D-F386F61590D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(6\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "FE2C1AB7-7A5D-4B8B-96B3-2DDE2A3322E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(7\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3DEFB820-3031-4B4B-AE02-FCF2527B3BF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(8\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "DB820815-EF7F-44F8-9330-CD879197D0A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1E61AFCA-5E0A-4BAF-873A-B8D2D7C5BA4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1AE71162-46E5-455D-BA7D-C4E2DFE8F199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(12\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "84DC9BC4-0803-4572-ACB9-136353618996",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(13\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C7B2E3F1-7E16-414D-B14C-98CBBAA35D7E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(14\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "279A740A-F87F-43F3-851F-BCFC09E37A1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.0\\(15\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "14E40E7E-892D-4975-86BD-31D28A635D30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37864F5-F1CF-4BA9-A169-FE8EF4BC98B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "6FCC030F-526B-4900-AD5A-9E1591FF767C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "99B72A5F-9251-476C-9071-19C06490A363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.1\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1E1B7437-8A7A-484E-983B-32E878BF091F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.1\\(4\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "81DFE660-9C82-43BE-84B6-C584EF6D85A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:firewall_services_module_software:4.1\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "A9F9EA36-2A8C-4C15-B0A9-E0E410610F25",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624."
    },
    {
      "lang": "es",
      "value": "La funcionalidad de autenticaci\u00f3n de proxy en Cisco Firewall Services Module (FWSM) software v3.1 y v3.2 antes de v3.2(20.1), v4.0 antes de v4.0(15.2), y v4.1 antes de v4.1(5.1) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (recarga del dispositivo) a trav\u00e9s de una URL hecha a mano, tambi\u00e9n conocido como Bug ID CSCtg02624."
    }
  ],
  "id": "CVE-2013-1155",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-04-11T10:55:01.857",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.