Lucene search

[email protected]CVE-2013-5511

HistoryOct 13, 2013 - 10:20 a.m.

CVE-2013-5511

2013-10-1310:20:04

CWE-287

[email protected]

web.nvd.nist.gov

cisco

adaptive security appliance

asdm

remote management

authentication bypass

tcp session

cve-2013-5511

7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.2%

JSON

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815.

Affected configurations

NVD

Node

ciscoadaptive_security_appliance_softwareMatch8.2

ciscoadaptive_security_appliance_softwareMatch8.2\(1\)

ciscoadaptive_security_appliance_softwareMatch8.2\(2\)

ciscoadaptive_security_appliance_softwareMatch8.2\(3\)

ciscoadaptive_security_appliance_softwareMatch8.2\(3.9\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4.1\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4.4\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5.35\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5.38\)

ciscoadaptive_security_appliance_softwareMatch8.2.1

ciscoadaptive_security_appliance_softwareMatch8.2.2

ciscoadaptive_security_appliance_softwareMatch8.2.2interim

ciscoadaptive_security_appliance_softwareMatch8.2.3

ciscoadaptive_security_appliance_softwareMatch8.3\(1\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2.34\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2.37\)

ciscoadaptive_security_appliance_softwareMatch8.3.1

ciscoadaptive_security_appliance_softwareMatch8.3.1interim

ciscoadaptive_security_appliance_softwareMatch8.3.2

ciscoadaptive_security_appliance_softwareMatch8.4

ciscoadaptive_security_appliance_softwareMatch8.4\(1\)

ciscoadaptive_security_appliance_softwareMatch8.4\(1.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(2\)

ciscoadaptive_security_appliance_softwareMatch8.4\(2.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(3\)

ciscoadaptive_security_appliance_softwareMatch8.4\(4.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(5\)

ciscoadaptive_security_appliance_softwareMatch8.5

ciscoadaptive_security_appliance_softwareMatch8.5\(1\)

ciscoadaptive_security_appliance_softwareMatch8.5\(1.4\)

ciscoadaptive_security_appliance_softwareMatch8.5\(1.17\)

ciscoadaptive_security_appliance_softwareMatch8.6

ciscoadaptive_security_appliance_softwareMatch8.6\(1\)

ciscoadaptive_security_appliance_softwareMatch8.6\(1.3\)

ciscoadaptive_security_appliance_softwareMatch8.6\(1.10\)

ciscoadaptive_security_appliance_softwareMatch8.7\(1.3\)

ciscoadaptive_security_appliance_softwareMatch8.7.1

ciscoadaptive_security_appliance_softwareMatch8.7.1.1

ciscoadaptive_security_appliance_softwareMatch9.0

ciscoadaptive_security_appliance_softwareMatch9.1

ciscoadaptive_security_appliance_softwareMatch9.1\(1.7\)

CPENameOperatorVersion
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(1\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(2\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(3\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(3.9\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(4\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(4.1\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(4.4\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(5\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.2\(5.35\)

CPE	Name	Operator	Version
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(1\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(2\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(3\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(3.9\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(4\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(4.1\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(4.4\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(5\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.2\(5.35\)