Sign-up

ID

VAR-201304-0256


CVE

CVE-2013-1193


TITLE

Cisco ASA and Cisco Firewall Services Module of SSH Service disruption in implementations (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002245

DESCRIPTION

The Secure Shell (SSH) implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly terminate sessions, which allows remote attackers to cause a denial of service (SSH service outage) by repeatedly establishing SSH connections, aka Bug IDs CSCue63881, CSCuf51892, CSCue78671, and CSCug26937. Vendors have confirmed this vulnerability Bug ID CSCue63881 , CSCuf51892 , CSCue78671 , CSCug26937 It is released as.Repeated by a third party SSH Service disruption by establishing a connection (SSH Service outage ) There is a possibility of being put into a state. Multiple Cisco products are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause a denial of service condition. This issue is being tracked by Cisco Bug IDs CSCue63881, CSCuf51892, CSCue78671, and CSCug26937. Cisco ASA is a set of firewall equipment of Cisco (Cisco). The device also includes IPS (Intrusion Prevention System), SSL VPN, IPSec VPN, antispam, and more

Trust: 1.98

sources: NVD: CVE-2013-1193 // JVNDB: JVNDB-2013-002245 // BID: 59043 // VULHUB: VHN-61195

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:firewall services modulescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:adaptive security appliance softwarescope:lteversion:8.4.6

Trust: 0.8

vendor:ciscomodel:firewall services modulescope:lteversion:4.1.7

Trust: 0.8

sources: JVNDB: JVNDB-2013-002245 // CNNVD: CNNVD-201304-205 // NVD: CVE-2013-1193

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-1193
value: MEDIUM

Trust: 1.0

NVD: CVE-2013-1193
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201304-205
value: MEDIUM

Trust: 0.6

VULHUB: VHN-61195
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2013-1193
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-61195
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-61195 // JVNDB: JVNDB-2013-002245 // CNNVD: CNNVD-201304-205 // NVD: CVE-2013-1193

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

problemtype:CWE-DesignError

Trust: 0.8

sources: JVNDB: JVNDB-2013-002245 // NVD: CVE-2013-1193

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-205

TYPE

Design Error

Trust: 0.9

sources: BID: 59043 // CNNVD: CNNVD-201304-205

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-002245

PATCH
title:Secure Shell Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1193
Trust: 0.8
title:28946url:http://tools.cisco.com/security/center/viewAlert.x?alertId=28946
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-002245

EXTERNAL IDS
db:NVDid:CVE-2013-1193
Trust: 2.8
db:JVNDBid:JVNDB-2013-002245
Trust: 0.8
db:CNNVDid:CNNVD-201304-205
Trust: 0.7
db:SECUNIAid:52989
Trust: 0.6
db:SECUNIAid:53040
Trust: 0.6
db:CISCOid:20130412 SECURE SHELL DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:BIDid:59043
Trust: 0.4
db:VULHUBid:VHN-61195
Trust: 0.1
sources:
            
            
            VULHUB: VHN-61195 // 
            
            
            
            BID: 59043 // 
            
            
            
            JVNDB: JVNDB-2013-002245 // 
            
            
            
            CNNVD: CNNVD-201304-205 // 
            
            
            
            NVD: CVE-2013-1193

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1193
Trust: 2.0
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1193
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1193
Trust: 0.8
url:http://secunia.com/advisories/52989
Trust: 0.6
url:http://secunia.com/advisories/53040
Trust: 0.6
url:http://www.cisco.com/en/us/products/ps6120/index.html
Trust: 0.3
url:http://www.cisco.com
Trust: 0.3
sources:
            
            
            VULHUB: VHN-61195 // 
            
            
            
            BID: 59043 // 
            
            
            
            JVNDB: JVNDB-2013-002245 // 
            
            
            
            CNNVD: CNNVD-201304-205 // 
            
            
            
            NVD: CVE-2013-1193

CREDITS
Cisco
Trust: 0.3
sources:
            
            
            BID: 59043

SOURCES
db:VULHUBid:VHN-61195
db:BIDid:59043
db:JVNDBid:JVNDB-2013-002245
db:CNNVDid:CNNVD-201304-205
db:NVDid:CVE-2013-1193

LAST UPDATE DATE
2024-11-23T22:53:29.156000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-61195date:2013-04-16T00:00:00
db:BIDid:59043date:2015-03-19T08:41:00
db:JVNDBid:JVNDB-2013-002245date:2013-04-17T00:00:00
db:CNNVDid:CNNVD-201304-205date:2013-04-17T00:00:00
db:NVDid:CVE-2013-1193date:2024-11-21T01:49:05.330

SOURCES RELEASE DATE
db:VULHUBid:VHN-61195date:2013-04-16T00:00:00
db:BIDid:59043date:2013-04-12T00:00:00
db:JVNDBid:JVNDB-2013-002245date:2013-04-17T00:00:00
db:CNNVDid:CNNVD-201304-205date:2013-04-15T00:00:00
db:NVDid:CVE-2013-1193date:2013-04-16T14:04:30.917