CVE-2013-1199

2022-10-0316:14:49

CWE-362

[email protected]

web.nvd.nist.gov

cve-2013-1199

race condition

cifs

cisco asa

denial of service

bug id cscub58996

nvd

4.9 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:N/I:N/A:C

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.4%

JSON

Race condition in the CIFS implementation in the rewriter module in the Clientless SSL VPN component on Cisco Adaptive Security Appliances (ASA) devices allows remote authenticated users to cause a denial of service (device reload) by accessing resources within multiple sessions, aka Bug ID CSCub58996.

Affected configurations

NVD

Node

ciscoadaptive_security_appliance_clientless_ssl_vpnMatch-

ciscoadaptive_security_appliance_softwareMatch-

AND

ciscoadaptive_security_appliance

CPENameOperatorVersion
cisco:adaptive_security_appliance_clientless_ssl_vpncisco adaptive security appliance clientless ssl vpneq-
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq-
cisco:adaptive_security_appliancecisco adaptive security applianceeq*

CPE	Name	Operator	Version
cisco:adaptive_security_appliance_clientless_ssl_vpn	cisco adaptive security appliance clientless ssl vpn	eq	-
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	-
cisco:adaptive_security_appliance	cisco adaptive security appliance	eq	*