Details of VAR-201304-0280

ID

VAR-201304-0280

CVE

CVE-2013-1152

TITLE

Cisco Adaptive Security Appliances Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-002217

DESCRIPTION

Cisco Adaptive Security Appliances (ASA) devices with software 9.0 before 9.0(1.2) allow remote attackers to cause a denial of service (device reload) via a crafted field in a DNS message, aka Bug ID CSCuc80080. An attacker can exploit this issue to reload an affected device, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuc80080

Trust: 1.98

sources: NVD: CVE-2013-1152 // JVNDB: JVNDB-2013-002217 // BID: 59012 // VULHUB: VHN-61154

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance	scope:	eq	version:	*	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(1.2)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	asa series adaptive security appliance	scope:	eq	version:	55009.0	Trust: 0.3
vendor:	cisco	model:	asa series adaptive security appliance	scope:	ne	version:	55009.0(1.2)	Trust: 0.3

sources: BID: 59012 // JVNDB: JVNDB-2013-002217 // CNNVD: CNNVD-201304-181 // NVD: CVE-2013-1152

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-1152
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-1152
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201304-181
value:	HIGH
Trust: 0.6
VULHUB:	VHN-61154
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-1152
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-61154
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-61154 // JVNDB: JVNDB-2013-002217 // CNNVD: CNNVD-201304-181 // NVD: CVE-2013-1152

PROBLEMTYPE DATA

problemtype:

NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-1152

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201304-181

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201304-181

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-002217

PATCH

title:	cisco-sa-20130410-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-asa	Trust: 0.8
title:	28515	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=28515	Trust: 0.8
title:	cisco-sa-20130410-asa	url:	http://www.cisco.com/cisco/web/support/JP/111/1117/1117743_cisco-sa-20130410-asa-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2013-002217

EXTERNAL IDS

db:	NVD	id:	CVE-2013-1152	Trust: 2.8
db:	JVNDB	id:	JVNDB-2013-002217	Trust: 0.8
db:	CNNVD	id:	CNNVD-201304-181	Trust: 0.7
db:	SECUNIA	id:	53013	Trust: 0.6
db:	CISCO	id:	20130410 MULTIPLE VULNERABILITIES IN CISCO ASA SOFTWARE	Trust: 0.6
db:	BID	id:	59012	Trust: 0.4
db:	VULHUB	id:	VHN-61154	Trust: 0.1

sources: VULHUB: VHN-61154 // BID: 59012 // JVNDB: JVNDB-2013-002217 // CNNVD: CNNVD-201304-181 // NVD: CVE-2013-1152

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20130410-asa	Trust: 2.0
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1152	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-1152	Trust: 0.8
url:	http://secunia.com/advisories/53013	Trust: 0.6
url:	http://www.cisco.com	Trust: 0.3

sources: VULHUB: VHN-61154 // BID: 59012 // JVNDB: JVNDB-2013-002217 // CNNVD: CNNVD-201304-181 // NVD: CVE-2013-1152

CREDITS

Cisco

Trust: 0.3

sources: BID: 59012

SOURCES

db:	VULHUB	id:	VHN-61154
db:	BID	id:	59012
db:	JVNDB	id:	JVNDB-2013-002217
db:	CNNVD	id:	CNNVD-201304-181
db:	NVD	id:	CVE-2013-1152

LAST UPDATE DATE

2024-11-23T21:45:42.664000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-61154	date:	2013-04-29T00:00:00
db:	BID	id:	59012	date:	2013-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2013-002217	date:	2013-04-15T00:00:00
db:	CNNVD	id:	CNNVD-201304-181	date:	2013-04-12T00:00:00
db:	NVD	id:	CVE-2013-1152	date:	2024-11-21T01:49:00.240

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-61154	date:	2013-04-11T00:00:00
db:	BID	id:	59012	date:	2013-04-10T00:00:00
db:	JVNDB	id:	JVNDB-2013-002217	date:	2013-04-15T00:00:00
db:	CNNVD	id:	CNNVD-201304-181	date:	2013-04-12T00:00:00
db:	NVD	id:	CVE-2013-1152	date:	2013-04-11T10:55:01.840