fkie_nvd - fkie_cve-2015-0677

FKIE_CVE-2015-0677

Vulnerability from fkie_nvd - Published: 2015-04-13 01:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before 8.6(1.17), 9.0 before 9.0(4.33), 9.1 before 9.1(6), 9.2 before 9.2(3.4), and 9.3 before 9.3(3), when Clientless SSL VPN, AnyConnect SSL VPN, or AnyConnect IKEv2 VPN is used, allows remote attackers to cause a denial of service (VPN outage or device reload) via a crafted XML document, aka Bug ID CSCus95290.

References

URL	Tags
psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa	Vendor Advisory
psirt@cisco.com	http://www.securitytracker.com/id/1032045
af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1032045

Impacted products

Vendor	Product	Version
cisco	adaptive_security_appliance_software	8.4.1
cisco	adaptive_security_appliance_software	8.4.1.3
cisco	adaptive_security_appliance_software	8.4.1.11
cisco	adaptive_security_appliance_software	8.4.2
cisco	adaptive_security_appliance_software	8.4.2.1
cisco	adaptive_security_appliance_software	8.4.2.8
cisco	adaptive_security_appliance_software	8.4.3
cisco	adaptive_security_appliance_software	8.4.3.8
cisco	adaptive_security_appliance_software	8.4.3.9
cisco	adaptive_security_appliance_software	8.4.4
cisco	adaptive_security_appliance_software	8.4.4.1
cisco	adaptive_security_appliance_software	8.4.4.3
cisco	adaptive_security_appliance_software	8.4.4.5
cisco	adaptive_security_appliance_software	8.4.4.9
cisco	adaptive_security_appliance_software	8.4.5
cisco	adaptive_security_appliance_software	8.4.5.6
cisco	adaptive_security_appliance_software	8.4.6
cisco	adaptive_security_appliance_software	8.4.7
cisco	adaptive_security_appliance_software	8.4.7.3
cisco	adaptive_security_appliance_software	8.4.7.15
cisco	adaptive_security_appliance_software	8.4.7.22
cisco	adaptive_security_appliance_software	8.4.7.23
cisco	adaptive_security_appliance_software	8.4.7.26
cisco	adaptive_security_appliance_software	8.6.1
cisco	adaptive_security_appliance_software	8.6.1.1
cisco	adaptive_security_appliance_software	8.6.1.2
cisco	adaptive_security_appliance_software	8.6.1.5
cisco	adaptive_security_appliance_software	8.6.1.10
cisco	adaptive_security_appliance_software	8.6.1.12
cisco	adaptive_security_appliance_software	8.6.1.13
cisco	adaptive_security_appliance_software	8.6.1.14
cisco	adaptive_security_appliance_software	9.0.1
cisco	adaptive_security_appliance_software	9.0.2
cisco	adaptive_security_appliance_software	9.0.2.10
cisco	adaptive_security_appliance_software	9.0.3
cisco	adaptive_security_appliance_software	9.0.3.6
cisco	adaptive_security_appliance_software	9.0.3.8
cisco	adaptive_security_appliance_software	9.0.4
cisco	adaptive_security_appliance_software	9.0.4.1
cisco	adaptive_security_appliance_software	9.0.4.5
cisco	adaptive_security_appliance_software	9.0.4.7
cisco	adaptive_security_appliance_software	9.0.4.17
cisco	adaptive_security_appliance_software	9.0.4.20
cisco	adaptive_security_appliance_software	9.0.4.24
cisco	adaptive_security_appliance_software	9.0.4.26
cisco	adaptive_security_appliance_software	9.0.4.29
cisco	adaptive_security_appliance_software	9.1.1
cisco	adaptive_security_appliance_software	9.1.1.4
cisco	adaptive_security_appliance_software	9.1.2
cisco	adaptive_security_appliance_software	9.1.2.8
cisco	adaptive_security_appliance_software	9.1.3
cisco	adaptive_security_appliance_software	9.1.3.2
cisco	adaptive_security_appliance_software	9.1.4
cisco	adaptive_security_appliance_software	9.1.4.5
cisco	adaptive_security_appliance_software	9.1.5
cisco	adaptive_security_appliance_software	9.1.5.10
cisco	adaptive_security_appliance_software	9.1.5.12
cisco	adaptive_security_appliance_software	9.1.5.15
cisco	adaptive_security_appliance_software	9.1.5.21
cisco	adaptive_security_appliance_software	9.2.1
cisco	adaptive_security_appliance_software	9.2.2
cisco	adaptive_security_appliance_software	9.2.2.4
cisco	adaptive_security_appliance_software	9.2.2.7
cisco	adaptive_security_appliance_software	9.2.2.8
cisco	adaptive_security_appliance_software	9.2.3
cisco	adaptive_security_appliance_software	9.2.3.3
cisco	adaptive_security_appliance_software	9.3.1
cisco	adaptive_security_appliance_software	9.3.1.1
cisco	adaptive_security_appliance_software	9.3.2
cisco	adaptive_security_appliance_software	9.3.2.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "989F9AC4-C2D1-49A0-95C3-79A4EB827E07",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFE2E079-D7AC-4FE9-8938-A75C12AF5CA4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.1.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "B442C852-2465-4EA8-A977-1F10A4CE23AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6DB6ED4-3095-46C1-9CB6-2975A7B05303",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE68CD8E-B9CF-4519-8B0E-4C4488B34887",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "D762C9A7-005C-44FD-9BB2-7A1DD4EBE90B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE0B1212-87F3-46E5-B14A-C0C6BBAAAC98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "518D4826-06B0-4DDC-B082-A536418FD292",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "E343DE08-58FA-4C39-99F9-8CB5F57D0CD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "76363698-DB62-4D92-8EE4-069891A9F92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6159BEE3-D097-4E07-9962-06DB740E2AE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD606591-F69A-47AD-9256-20B98CA16135",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4EF3895-F372-45D3-9C7D-15F5C4712D08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DC5960D-B917-4ABA-850F-A710676ACB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B746A138-6650-49A3-87C8-3728FE5CF215",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E50C2A13-5A8B-4FA5-ABB8-1157E560503B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "909F9D55-9276-4CF1-BC63-7CEEF8F25C21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F383D276-D5EC-4335-AC09-9D30F6443AF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39C2A7FF-6AC3-42B5-954A-9AA5950C523A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D7F36A8-C291-423D-AF28-56AAD8D0F712",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2009F4-F832-49D6-8346-54A7328BD93B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "C9221DD4-498A-4867-B647-47E42299CE45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4.7.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "B839A425-E08C-41B1-9270-E177E40B1E27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF969BE-46BB-4AD7-85AB-8384426E9551",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8EEA7A5-67FD-4CA4-8FF8-4B17A9C47B61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "94E618B3-DD03-4ECD-AB9B-97F1EDF95E79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D0DFE19-1C68-40E6-B8CD-9CC03F8B4281",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "20424324-881A-496B-BC55-62AA75994249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D67012F3-5153-400E-BD6F-EB0949875F2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "E40E9AB5-26E0-4BA2-9AFA-496BAA0EAC77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6.1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6BA4B2D-187A-47EC-8BE1-7EA178549476",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "500ED3CC-4FE8-4A24-ACFE-8D7E35E50D22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD2AE76B-D04E-4D0C-85E4-8AD07F7BDEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A6E1C03C-0737-4E2B-B3F9-10770281F4AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C7052D2-0789-4A4D-917D-FCD894B7280F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0956F0A8-7424-437C-AAD8-203183BEBFCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "49FB57F9-5B37-4509-B2EB-6A16DFE11F03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "952F6504-9CD0-453E-8C25-02BB9EE818F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E842AF74-D1E3-4F71-80F9-197B38942405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0B97FB1-CC3A-40B5-853D-476E6C5D9D6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F6293A8-C21E-46F6-ACC1-6BBAD419B41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC1A48B1-112A-41C2-BC01-BCCF5794553D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2AE7036-C8EE-441F-94A4-DE8A9E89CA8C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "6448B4B4-022D-4D4A-A6DE-0090CEA12595",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "42813600-3186-4D19-8AF2-F4F98D3C6740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC0969E6-151D-4298-8EC8-68D7880E994B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4714F698-BBAE-47BB-99E8-F90D22415EDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB55BC7E-0B3F-4202-8768-08F27B763926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB01683-C482-4A5B-90FA-B5266BEA452E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA16481A-4A47-4A8E-8C78-87B3A171280A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C0258ED-6ED0-49C7-A13A-368711649FFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B7A71AA-E1A6-47B7-B2B2-A3115CAA4058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D448BB56-5B2E-4B3E-B7E8-1F4991F23D81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0346EAC-BDD1-4DC5-B8CA-20579C44AFE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "2049D602-54F1-4072-936E-0D7E337162B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "0710D6C8-AD34-43E2-B72B-315FFF3DC34F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "70F8F1D2-2196-44C4-B420-824F49BB4ACF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E14B8D3-6D53-4E84-9B5D-24667B192C4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1.5.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "A05B2DFD-A0EF-42BE-B00B-334E78CA8C10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9C31567-8AEB-49C6-AA60-4150411D62AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA140CB2-C17C-4164-A59A-8585906057BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "468D98A7-92D5-4C01-9EDD-CB44B85EA6BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BAAC9FE-CCF0-4385-B5E9-FC424CD3EFD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.2.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5C9DEB1C-F9B9-4291-92B5-8EEEADC57E51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "39330218-32FA-42FF-B5CA-288B7D140304",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A92D7CED-D036-414B-B9EB-DCAF7F425A7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "26D99395-D18D-458E-9880-19B7767F69D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E4CE047-3FEF-4A72-AD06-EC77D71EBCD9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED33F68A-9EB0-416A-A0A5-0DF2C349FFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7DD812-DC72-4816-8B0F-361C32B2CD2F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The XML parser in Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.28), 8.6 before 8.6(1.17), 9.0 before 9.0(4.33), 9.1 before 9.1(6), 9.2 before 9.2(3.4), and 9.3 before 9.3(3), when Clientless SSL VPN, AnyConnect SSL VPN, or AnyConnect IKEv2 VPN is used, allows remote attackers to cause a denial of service (VPN outage or device reload) via a crafted XML document, aka Bug ID CSCus95290."
    },
    {
      "lang": "es",
      "value": "El analizador sint\u00e1ctico de XML en Software Cisco Adaptive Security Appliance (ASA) Software 8.4 anterior a 8.4(7.28), 8.6 anterior a 8.6(1.17), 9.0 anterior a 9.0(4.33), 9.1 anterior a 9.1(6), 9.2 anterior a 9.2(3.4), y 9.3 anterior a 9.3(3), cuando Clientless SSL VPN, AnyConnect SSL VPN, o AnyConnect IKEv2 VPN se utilizan, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n de VPN o recarga de dispositivo) a trav\u00e9s de un documento XML manipulado, tambi\u00e9n conocido como Bug ID CSCus95290."
    }
  ],
  "id": "CVE-2015-0677",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2015-04-13T01:59:03.033",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id/1032045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-asa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1032045"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2015-0677 (GCVE-0-2015-0677)

Vulnerability from cvelistv5 – Published: 2015-04-13 01:00 – Updated: 2024-08-06 04:17

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2015-0677

CVE-2015-0677 (GCVE-0-2015-0677)

Tags

Sightings

Nomenclature