Details of VAR-201304-0279

ID

VAR-201304-0279

CVE

CVE-2013-1151

TITLE

Cisco Adaptive Security Appliances Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002229

DESCRIPTION

Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5), 8.5 before 8.5(1.17), 8.6 before 8.6(1.10), and 8.7 before 8.7(1.3) allow remote attackers to cause a denial of service (device reload) via a crafted certificate, aka Bug ID CSCuc72408. Vendors have confirmed this vulnerability Bug ID CSCuc72408 It is released as.Service disruption through a crafted certificate by a third party ( Device reload ) There is a possibility of being put into a state. An attacker can exploit this issue to reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuc72408. This vulnerability exists in the following versions: 7.x prior to 7.2(5.10), 8.0 prior to 8.0(5.31), 8.1 and 8.2 prior to 8.2(5.38), 8.3 prior to 8.3(2.37), 8.4(5 ) before 8.4, 8.5 (1.17) before 8.5, 8.6 (1.10) before 8.6, and 8.7 (1.3) before 8.7

Trust: 1.98

sources: NVD: CVE-2013-1151 // JVNDB: JVNDB-2013-002229 // BID: 59005 // VULHUB: VHN-61153

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.1	Trust: 1.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5\(1.4\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(4.11\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7.1.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4.4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(0\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.16\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.10\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.49\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(5.28\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(6.7\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.8	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.27\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.1.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(6\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4.1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.6	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(8\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(2.48\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(1.22\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.4	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.7\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(7\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.4.3	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.18\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.48\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2.5	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.1\(5\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.15\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(2.34\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.19\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.0\(5.2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(4\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(3.9\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2\(5.35\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.8\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.17\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2\(2.14\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	7.2(5.10)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.3	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.5	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.5(1.17)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.2	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.0(5.31)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.2(5.38)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.3(2.37)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.6(1.10)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7(1.3)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	7.x	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(5)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.7	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.6	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.0	Trust: 0.8
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.6	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.5	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.4	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.3	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.2	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.1	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55008.0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.2	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.1	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55007.0	Trust: 0.3

sources: BID: 59005 // JVNDB: JVNDB-2013-002229 // CNNVD: CNNVD-201304-180 // NVD: CVE-2013-1151

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1151
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-1151
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201304-180
value:	HIGH
Trust: 0.6
VULHUB:	VHN-61153
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-1151
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-61153
severity:	HIGH
baseScore:	7.1
vectorString:	AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-61153 // JVNDB: JVNDB-2013-002229 // CNNVD: CNNVD-201304-180 // NVD: CVE-2013-1151

PROBLEMTYPE DATA

problemtype:

CWE-20

Trust: 1.9

sources: VULHUB: VHN-61153 // JVNDB: JVNDB-2013-002229 // NVD: CVE-2013-1151

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-180

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201304-180

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002229

PATCH

title:	cisco-sa-20130410-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa	Trust: 0.8
title:	28514	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=28514	Trust: 0.8
title:	cisco-sa-20130410-asa	url:	http://www.cisco.com/cisco/web/support/JP/111/1117/1117743_cisco-sa-20130410-asa-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2013-002229

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1151	Trust: 2.8
db:	JVNDB	id:	JVNDB-2013-002229	Trust: 0.8
db:	CNNVD	id:	CNNVD-201304-180	Trust: 0.7
db:	SECUNIA	id:	53013	Trust: 0.6
db:	CISCO	id:	20130410 MULTIPLE VULNERABILITIES IN CISCO ASA SOFTWARE	Trust: 0.6
db:	BID	id:	59005	Trust: 0.4
db:	VULHUB	id:	VHN-61153	Trust: 0.1

sources: VULHUB: VHN-61153 // BID: 59005 // JVNDB: JVNDB-2013-002229 // CNNVD: CNNVD-201304-180 // NVD: CVE-2013-1151

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130410-asa	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1151	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1151	Trust: 0.8
url:	http://secunia.com/advisories/53013	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.3

sources: VULHUB: VHN-61153 // BID: 59005 // JVNDB: JVNDB-2013-002229 // CNNVD: CNNVD-201304-180 // NVD: CVE-2013-1151

CREDITS

Cisco

Trust: 0.3

sources: BID: 59005

SOURCES

db:	VULHUB	id:	VHN-61153
db:	BID	id:	59005
db:	JVNDB	id:	JVNDB-2013-002229
db:	CNNVD	id:	CNNVD-201304-180
db:	NVD	id:	CVE-2013-1151

LAST UPDATE DATE

2024-11-23T21:45:42.726000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-61153	date:	2013-04-11T00:00:00
db:	BID	id:	59005	date:	2013-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2013-002229	date:	2013-04-15T00:00:00
db:	CNNVD	id:	CNNVD-201304-180	date:	2013-04-12T00:00:00
db:	NVD	id:	CVE-2013-1151	date:	2024-11-21T01:49:00.100

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-61153	date:	2013-04-11T00:00:00
db:	BID	id:	59005	date:	2013-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2013-002229	date:	2013-04-15T00:00:00
db:	CNNVD	id:	CNNVD-201304-180	date:	2013-04-12T00:00:00
db:	NVD	id:	CVE-2013-1151	date:	2013-04-11T10:55:01.813