ID
VAR-201304-0035
CVE
CVE-2012-5415
TITLE
Cisco Adaptive Security Appliances Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272. Cisco Adaptive Security Appliance is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause CPU exhaustion and reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCue31622 and CSCuc71272
Trust: 1.98
AFFECTED PRODUCTS
| vendor: | cisco | model: | 5500 series adaptive security appliance | scope: | eq | version: | 7.2 | Trust: 1.6 |
| vendor: | cisco | model: | 5500 adaptive security appliance | scope: | eq | version: | 7.2 | Trust: 1.6 |
| vendor: | cisco | model: | adaptive security appliance | scope: | - | version: | - | Trust: 1.4 |
| vendor: | cisco | model: | adaptive security appliance | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | cisco | model: | 5500 series adaptive security appliance | scope: | eq | version: | * | Trust: 1.0 |
| vendor: | cisco | model: | adaptive security appliance 5500 series | scope: | eq | version: | none | Trust: 0.8 |
| vendor: | cisco | model: | adaptive security appliance 5500 series | scope: | eq | version: | 7.2 | Trust: 0.8 |
| vendor: | cisco | model: | 5500 series adaptive security appliance | scope: | - | version: | - | Trust: 0.6 |
| vendor: | cisco | model: | asa series adaptive security appliances | scope: | eq | version: | 55000 | Trust: 0.3 |
| vendor: | cisco | model: | asa series adaptive security appliance | scope: | eq | version: | 55007.2.2 | Trust: 0.3 |
| vendor: | cisco | model: | asa series adaptive security appliance | scope: | eq | version: | 55007.2 | Trust: 0.3 |
| vendor: | cisco | model: | adaptive security appliance | scope: | eq | version: | 0 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-362 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
competitive condition
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Secondary Flows Lookup Denial of Service Vulnerability | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415 | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2012-5415 | Trust: 2.8 |
| db: | JVNDB | id: | JVNDB-2013-002243 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201304-229 | Trust: 0.7 |
| db: | CISCO | id: | 20130411 SECONDARY FLOWS LOOKUP DENIAL OF SERVICE VULNERABILITY | Trust: 0.6 |
| db: | BID | id: | 59256 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-58696 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2012-5415 | Trust: 2.0 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-5415 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-5415 | Trust: 0.8 |
| url: | http://www.cisco.com/en/us/products/ps6120/index.html | Trust: 0.3 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | VULHUB | id: | VHN-58696 |
| db: | BID | id: | 59256 |
| db: | JVNDB | id: | JVNDB-2013-002243 |
| db: | CNNVD | id: | CNNVD-201304-229 |
| db: | NVD | id: | CVE-2012-5415 |
LAST UPDATE DATE
2024-11-23T22:35:24.472000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-58696 | date: | 2013-04-16T00:00:00 |
| db: | BID | id: | 59256 | date: | 2013-04-11T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-002243 | date: | 2013-04-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201304-229 | date: | 2013-04-17T00:00:00 |
| db: | NVD | id: | CVE-2012-5415 | date: | 2024-11-21T01:44:40.197 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-58696 | date: | 2013-04-16T00:00:00 |
| db: | BID | id: | 59256 | date: | 2013-04-11T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-002243 | date: | 2013-04-17T00:00:00 |
| db: | CNNVD | id: | CNNVD-201304-229 | date: | 2013-04-17T00:00:00 |
| db: | NVD | id: | CVE-2012-5415 | date: | 2013-04-16T14:04:30.890 |