Sign-up

ID

VAR-201209-0194


CVE

CVE-2012-4629


TITLE

Cisco ASA-CX Context-Aware Security Modules and Prime Security Manager Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-004327

DESCRIPTION

The Cisco ASA-CX Context-Aware Security module before 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) before 9.0.2-103, allows remote attackers to cause a denial of service (disk consumption and application hang) via unspecified IPv4 packets that trigger log entries, aka Bug ID CSCub70603. An attacker can exploit this issue to cause the device to crash, denying service to legitimate users. This issue is being tracked by the Cisco Bug ID CSCub70603

Trust: 1.98

sources: NVD: CVE-2012-4629 // JVNDB: JVNDB-2012-004327 // BID: 55515 // VULHUB: VHN-57910

AFFECTED PRODUCTS

vendor:ciscomodel:asa cx context-aware securityscope:lteversion:9.0

Trust: 1.0

vendor:ciscomodel:prime security managerscope:lteversion:9.0

Trust: 1.0

vendor:ciscomodel:asa cx context-aware security softwarescope:ltversion:9.0.2-103

Trust: 0.8

vendor:ciscomodel:prime security managerscope:ltversion:9.0.2-103

Trust: 0.8

vendor:ciscomodel:prime security managerscope:eqversion:9.0

Trust: 0.6

vendor:ciscomodel:asa cx context-aware securityscope:eqversion:9.0

Trust: 0.6

vendor:ciscomodel:adaptive security appliancescope: - version: -

Trust: 0.6

sources: JVNDB: JVNDB-2012-004327 // CNNVD: CNNVD-201209-226 // NVD: CVE-2012-4629

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2012-4629
value: HIGH

Trust: 1.0

NVD: CVE-2012-4629
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201209-226
value: HIGH

Trust: 0.6

VULHUB: VHN-57910
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2012-4629
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-57910
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-57910 // JVNDB: JVNDB-2012-004327 // CNNVD: CNNVD-201209-226 // NVD: CVE-2012-4629

PROBLEMTYPE DATA

problemtype:CWE-399

Trust: 1.9

sources: VULHUB: VHN-57910 // JVNDB: JVNDB-2012-004327 // NVD: CVE-2012-4629

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201209-226

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201209-226

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2012-004327

PATCH
title:cisco-sa-20120912-asacxurl:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-asacx
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2012-004327

EXTERNAL IDS
db:NVDid:CVE-2012-4629
Trust: 2.8
db:BIDid:55515
Trust: 1.4
db:JVNDBid:JVNDB-2012-004327
Trust: 0.8
db:CNNVDid:CNNVD-201209-226
Trust: 0.7
db:NSFOCUSid:20669
Trust: 0.6
db:VULHUBid:VHN-57910
Trust: 0.1
sources:
            
            
            VULHUB: VHN-57910 // 
            
            
            
            BID: 55515 // 
            
            
            
            JVNDB: JVNDB-2012-004327 // 
            
            
            
            CNNVD: CNNVD-201209-226 // 
            
            
            
            NVD: CVE-2012-4629

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120912-asacx
Trust: 2.0
url:http://www.securityfocus.com/bid/55515
Trust: 1.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4629
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4629
Trust: 0.8
url:http://www.nsfocus.net/vulndb/20669
Trust: 0.6
url:http://www.cisco.com/en/us/products/ps12521/index.html
Trust: 0.3
url:http://www.cisco.com/en/us/products/ps12635/index.html
Trust: 0.3
sources:
            
            
            VULHUB: VHN-57910 // 
            
            
            
            BID: 55515 // 
            
            
            
            JVNDB: JVNDB-2012-004327 // 
            
            
            
            CNNVD: CNNVD-201209-226 // 
            
            
            
            NVD: CVE-2012-4629

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 55515

SOURCES
db:VULHUBid:VHN-57910
db:BIDid:55515
db:JVNDBid:JVNDB-2012-004327
db:CNNVDid:CNNVD-201209-226
db:NVDid:CVE-2012-4629

LAST UPDATE DATE
2024-11-23T22:49:40.592000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-57910date:2013-04-05T00:00:00
db:BIDid:55515date:2015-03-19T08:41:00
db:JVNDBid:JVNDB-2012-004327date:2012-09-14T00:00:00
db:CNNVDid:CNNVD-201209-226date:2012-09-14T00:00:00
db:NVDid:CVE-2012-4629date:2024-11-21T01:43:17.077

SOURCES RELEASE DATE
db:VULHUBid:VHN-57910date:2012-09-12T00:00:00
db:BIDid:55515date:2012-09-12T00:00:00
db:JVNDBid:JVNDB-2012-004327date:2012-09-14T00:00:00
db:CNNVDid:CNNVD-201209-226date:2012-09-14T00:00:00
db:NVDid:CVE-2012-4629date:2012-09-12T23:55:00.853