Details of VAR-201304-0258

ID

VAR-201304-0258

CVE

CVE-2013-1195

TITLE

Cisco ASA Device and Cisco FWSM Run on time-based ACL Vulnerability that can bypass access restrictions

Trust: 0.8

sources: JVNDB: JVNDB-2013-002460

DESCRIPTION

The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass intended access restrictions by sending network traffic during denied time periods, aka Bug IDs CSCuf79091 and CSCug45850. Vendors have confirmed this vulnerability Bug ID CSCuf79091 , CSCug45850 It is released as.A third party may be able to circumvent access restrictions by sending network traffic during the denial period. Cisco Adaptive Security Appliance (ASA) is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass the access list and perform unauthorized actions. This issue is tracked by Cisco Bug ID's CSCuf79091 and CSCug45850. Cisco Firewall Services Module (FWSM) is a firewall service module of Cisco, which is deployed on 6500 series switches and 7600 series routers to provide traffic acceleration. This can invalidate the time-range object

Trust: 1.98

sources: NVD: CVE-2013-1195 // JVNDB: JVNDB-2013-002460 // BID: 59395 // VULHUB: VHN-61197

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	-	Trust: 1.6
vendor:	cisco	model:	firewall services module	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lte	version:	8.4.6	Trust: 0.8
vendor:	cisco	model:	firewall services module	scope:	lte	version:	4.1.7	Trust: 0.8
vendor:	cisco	model:	firewall services module	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	firewall services module	scope:	eq	version:	0	Trust: 0.3
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	0	Trust: 0.3

sources: BID: 59395 // JVNDB: JVNDB-2013-002460 // CNNVD: CNNVD-201304-506 // NVD: CVE-2013-1195

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1195
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2013-1195
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201304-506
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-61197
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2013-1195
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-61197
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-61197 // JVNDB: JVNDB-2013-002460 // CNNVD: CNNVD-201304-506 // NVD: CVE-2013-1195

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.9

sources: VULHUB: VHN-61197 // JVNDB: JVNDB-2013-002460 // NVD: CVE-2013-1195

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-506

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201304-506

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002460

PATCH

title:	Time-Range Object Access List Bypass Vulnerability	url:	http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1195	Trust: 0.8
title:	29063	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=29063	Trust: 0.8

sources: JVNDB: JVNDB-2013-002460

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1195	Trust: 2.8
db:	BID	id:	59395	Trust: 1.0
db:	JVNDB	id:	JVNDB-2013-002460	Trust: 0.8
db:	CNNVD	id:	CNNVD-201304-506	Trust: 0.7
db:	CISCO	id:	20130422 TIME-RANGE OBJECT ACCESS LIST BYPASS VULNERABILITY	Trust: 0.6
db:	SECUNIA	id:	53140	Trust: 0.6
db:	SECUNIA	id:	53131	Trust: 0.6
db:	VULHUB	id:	VHN-61197	Trust: 0.1

sources: VULHUB: VHN-61197 // BID: 59395 // JVNDB: JVNDB-2013-002460 // CNNVD: CNNVD-201304-506 // NVD: CVE-2013-1195

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-1195	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1195	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1195	Trust: 0.8
url:	http://secunia.com/advisories/53131	Trust: 0.6
url:	http://secunia.com/advisories/53140	Trust: 0.6
url:	http://www.securityfocus.com/bid/59395	Trust: 0.6
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-61197 // BID: 59395 // JVNDB: JVNDB-2013-002460 // CNNVD: CNNVD-201304-506 // NVD: CVE-2013-1195

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 59395

SOURCES

db:	VULHUB	id:	VHN-61197
db:	BID	id:	59395
db:	JVNDB	id:	JVNDB-2013-002460
db:	CNNVD	id:	CNNVD-201304-506
db:	NVD	id:	CVE-2013-1195

LAST UPDATE DATE

2024-11-23T21:55:36.329000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-61197	date:	2013-04-24T00:00:00
db:	BID	id:	59395	date:	2013-04-22T00:00:00
db:	JVNDB	id:	JVNDB-2013-002460	date:	2013-04-25T00:00:00
db:	CNNVD	id:	CNNVD-201304-506	date:	2013-04-26T00:00:00
db:	NVD	id:	CVE-2013-1195	date:	2024-11-21T01:49:05.583

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-61197	date:	2013-04-24T00:00:00
db:	BID	id:	59395	date:	2013-04-22T00:00:00
db:	JVNDB	id:	JVNDB-2013-002460	date:	2013-04-25T00:00:00
db:	CNNVD	id:	CNNVD-201304-506	date:	2013-04-24T00:00:00
db:	NVD	id:	CVE-2013-1195	date:	2013-04-24T10:28:37.890