Lucene search
HistoryAug 30, 2013 - 1:55 a.m.
CVE-2013-3463
cisco
asa
protocol inspection
vulnerability
denial of service
cve-2013-3463
6.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
69.2%
The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareMatch-
ciscoadaptive_security_appliance
Related
cvelist
cvelist
CVE-2013-3463
2013-08-30 01:00:00
cisco
cisco
Cisco ASA Protocol Inspection Connection Table Denial of Service Vulnerability
2013-08-30 14:22:11
nvd
nvd
CVE-2013-3463
2013-08-30 01:55:08
prion
prion
Input validation
2013-08-30 01:55:00
threatpost
threatpost
Cisco Issues Four Security Advisories
2013-09-03 14:46:08
6.9 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
0.003 Low
EPSS
Percentile
69.2%
Related for CVE-2013-3463