Code injection

2012-03-1500:55:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.021 Low

EPSS

Percentile

89.2%

JSON

The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441.

CPENameOperatorVersion
adaptive_security_appliance_softwareeq8.0
adaptive_security_appliance_softwareeq8.2.0
adaptive_security_appliance_softwareeq8.3.0
adaptive_security_appliance_softwareeq8.4.0
adaptive_security_appliance_softwareeq8.5.0
adaptive_security_appliance_softwareeq8.0.2
adaptive_security_appliance_softwareeq8.0.3
adaptive_security_appliance_softwareeq8.0.4
adaptive_security_appliance_softwareeq8.0.5
adaptive_security_appliance_softwareeq8.1

Name	Operator	Version
adaptive_security_appliance_software	eq	8.0
adaptive_security_appliance_software	eq	8.2.0
adaptive_security_appliance_software	eq	8.3.0
adaptive_security_appliance_software	eq	8.4.0
adaptive_security_appliance_software	eq	8.5.0
adaptive_security_appliance_software	eq	8.0.2
adaptive_security_appliance_software	eq	8.0.3
adaptive_security_appliance_software	eq	8.0.4
adaptive_security_appliance_software	eq	8.0.5
adaptive_security_appliance_software	eq	8.1