Details of VAR-201206-0113

ID

VAR-201206-0113

CVE

CVE-2012-3058

TITLE

Cisco ASA 5500 Series and Catalyst 6500 Service disruption in series devices (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-002814

DESCRIPTION

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(4.1), 8.5 before 8.5(1.11), and 8.6 before 8.6(1.3) allow remote attackers to cause a denial of service (device reload) via IPv6 transit traffic that triggers syslog message 110003, aka Bug ID CSCua27134. An attacker can exploit this issue to cause a vulnerable device to reload, triggering a denial-of-service condition. This issue is tracked by Cisco Bug ID CSCua27134. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more. Cisco Catalyst is a series of commercial grade switches distributed and maintained by CISCO Corporation

Trust: 2.07

sources: NVD: CVE-2012-3058 // JVNDB: JVNDB-2012-002814 // BID: 54106 // VULHUB: VHN-56339 // VULMON: CVE-2012-3058

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1.11\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2.11\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1.4\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4	Trust: 1.6
vendor:	cisco	model:	catalyst 6506-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6509-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6513	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6513-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6509-v-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6509-neb-a	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	5500 series adaptive security appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	catalyst 6504-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6503-e	scope:	eq	version:	-	Trust: 1.0
vendor:	cisco	model:	catalyst 6500	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(4.1)	Trust: 0.8
vendor:	cisco	model:	catalyst 6504-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.5	Trust: 0.8
vendor:	cisco	model:	catalyst 6509-neb-a switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.5	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.5(1.11)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.6(1.3)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	catalyst 6506-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6503-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	lt	version:	8.6	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance 5500 series	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.6	Trust: 0.8
vendor:	cisco	model:	catalyst 6509-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6513 switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	catalyst 6513-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6(1.3)	Trust: 0.8
vendor:	cisco	model:	catalyst 6509-v-e switch	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5(1.11)	Trust: 0.8
vendor:	cisco	model:	catalyst 6500 series	scope:	eq	version:	device software 8.4(4.1)	Trust: 0.8
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5(1.6)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.16)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.1)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5(1.4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(1.10)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.7)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.6(1.1)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.6	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(2.1)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(2.11)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.4(2.5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(3)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.1)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.4)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.5)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4(2.11)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5(1.6)	Trust: 0.3
vendor:	cisco	model:	catalyst series asa services module	scope:	eq	version:	65008.5(1.2)	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.6(1.1)	Trust: 0.3

sources: BID: 54106 // JVNDB: JVNDB-2012-002814 // CNNVD: CNNVD-201206-377 // NVD: CVE-2012-3058

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3058
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3058
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201206-377
value:	HIGH
Trust: 0.6
VULHUB:	VHN-56339
value:	HIGH
Trust: 0.1
VULMON:	CVE-2012-3058
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3058
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-56339
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-56339 // VULMON: CVE-2012-3058 // JVNDB: JVNDB-2012-002814 // CNNVD: CNNVD-201206-377 // NVD: CVE-2012-3058

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2012-3058

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201206-377

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201206-377

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-002814

PATCH

title:	cisco-sa-20120620-asaipv6	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-asaipv6	Trust: 0.8
title:	26180	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=26180	Trust: 0.8
title:	cisco-sa-20120620-asaipv6	url:	http://www.cisco.com/cisco/web/support/JP/111/1115/1115491_cisco-sa-20120620-asaipv6-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2012-002814

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3058	Trust: 2.9
db:	SECTRACK	id:	1027187	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-002814	Trust: 0.8
db:	CNNVD	id:	CNNVD-201206-377	Trust: 0.7
db:	NSFOCUS	id:	19868	Trust: 0.6
db:	CISCO	id:	20120620 CISCO ASA 5500 SERIES ADAPTIVE SECURITY APPLIANCES AND CISCO CATALYST 6500 SERIES ASA SERVICES MODULE DENIAL OF SERVICE VULNERABILITY	Trust: 0.6
db:	BID	id:	54106	Trust: 0.4
db:	VULHUB	id:	VHN-56339	Trust: 0.1
db:	VULMON	id:	CVE-2012-3058	Trust: 0.1

sources: VULHUB: VHN-56339 // VULMON: CVE-2012-3058 // BID: 54106 // JVNDB: JVNDB-2012-002814 // CNNVD: CNNVD-201206-377 // NVD: CVE-2012-3058

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120620-asaipv6	Trust: 1.8
url:	http://www.securitytracker.com/id?1027187	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3058	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3058	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/19868	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps6120/index.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/hw/switches/index.html	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/.html	Trust: 0.1
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=26180	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-56339 // VULMON: CVE-2012-3058 // BID: 54106 // JVNDB: JVNDB-2012-002814 // CNNVD: CNNVD-201206-377 // NVD: CVE-2012-3058

CREDITS

Cisco

Trust: 0.3

sources: BID: 54106

SOURCES

db:	VULHUB	id:	VHN-56339
db:	VULMON	id:	CVE-2012-3058
db:	BID	id:	54106
db:	JVNDB	id:	JVNDB-2012-002814
db:	CNNVD	id:	CNNVD-201206-377
db:	NVD	id:	CVE-2012-3058

LAST UPDATE DATE

2024-11-23T22:23:24.012000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-56339	date:	2013-03-22T00:00:00
db:	VULMON	id:	CVE-2012-3058	date:	2013-03-22T00:00:00
db:	BID	id:	54106	date:	2015-03-19T09:37:00
db:	JVNDB	id:	JVNDB-2012-002814	date:	2012-06-22T00:00:00
db:	CNNVD	id:	CNNVD-201206-377	date:	2012-06-21T00:00:00
db:	NVD	id:	CVE-2012-3058	date:	2024-11-21T01:40:10.983

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-56339	date:	2012-06-20T00:00:00
db:	VULMON	id:	CVE-2012-3058	date:	2012-06-20T00:00:00
db:	BID	id:	54106	date:	2012-06-20T00:00:00
db:	JVNDB	id:	JVNDB-2012-002814	date:	2012-06-22T00:00:00
db:	CNNVD	id:	CNNVD-201206-377	date:	2012-06-21T00:00:00
db:	NVD	id:	CVE-2012-3058	date:	2012-06-20T20:55:02.697