Lucene search

[email protected]CVE-2013-6682

HistoryNov 13, 2013 - 3:55 p.m.

CVE-2013-6682

2013-11-1315:55:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2013-6682

cisco

adaptive security appliance

asa software

x.509 certificates

denial of service

nvd

bug id cscui33299.

6.9 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

51.8%

JSON

The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299.

CPENameOperatorVersion
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwarele9.0.3\(6\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(5\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(4\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(6\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(6.7\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(8\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0.4.3
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0.4
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0\(1\)
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq7.0

CPE	Name	Operator	Version
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	le	9.0.3\(6\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(5\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(4\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(6\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(6.7\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(8\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0.4.3
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0.4
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0\(1\)
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	7.0

Rows per page:

1-10 of 1111

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6682

tools.cisco.com/security/center/viewAlert.x?alertId=31692

6.9 Medium

AI Score

Confidence

High

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:P/A:P

0.002 Low

EPSS

Percentile

51.8%

JSON

Related for CVE-2013-6682

cisco1 prion1 cvelist1