Details of VAR-201310-0525

ID

VAR-201310-0525

CVE

CVE-2013-5542

TITLE

Cisco Adaptive Security Appliance Service disruption in software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-004818

DESCRIPTION

Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCui77398

Trust: 1.98

sources: NVD: CVE-2013-5542 // JVNDB: JVNDB-2013-004818 // BID: 63202 // VULHUB: VHN-65544

AFFECTED PRODUCTS

vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1\(1.7\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1\(2\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(4.11\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(3\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(6\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(5\)	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4	Trust: 1.6
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0\(1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7\(1.1\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0\(3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(1.11\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7\(1.3\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4\(2.11\)	Trust: 1.0
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.0(3.6)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.4(7.2)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.1	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.4	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	8.7(1.8)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	eq	version:	9.1(2.8)	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	9.0	Trust: 0.8
vendor:	cisco	model:	adaptive security appliance software	scope:	lt	version:	8.7	Trust: 0.8

sources: JVNDB: JVNDB-2013-004818 // CNNVD: CNNVD-201310-493 // NVD: CVE-2013-5542

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2013-5542
value:	HIGH
Trust: 1.0
NVD:	CVE-2013-5542
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201310-493
value:	HIGH
Trust: 0.6
VULHUB:	VHN-65544
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2013-5542
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-65544
severity:	HIGH
baseScore:	8.5
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	7.8
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-65544 // JVNDB: JVNDB-2013-004818 // CNNVD: CNNVD-201310-493 // NVD: CVE-2013-5542

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-65544 // JVNDB: JVNDB-2013-004818 // NVD: CVE-2013-5542

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201310-493

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201310-493

CONFIGURATIONS

sources: JVNDB: JVNDB-2013-004818

PATCH

title:	cisco-sa-20131009-asa	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa	Trust: 0.8
title:	cisco-sa-20131009-asa	url:	http://www.cisco.com/cisco/web/support/JP/111/1119/1119989_cisco-sa-20131009-asa-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2013-004818

EXTERNAL IDS

db:	NVD	id:	CVE-2013-5542	Trust: 2.8
db:	JVNDB	id:	JVNDB-2013-004818	Trust: 0.8
db:	CNNVD	id:	CNNVD-201310-493	Trust: 0.7
db:	CISCO	id:	20131009 MULTIPLE VULNERABILITIES IN CISCO ASA SOFTWARE	Trust: 0.6
db:	BID	id:	63202	Trust: 0.4
db:	VULHUB	id:	VHN-65544	Trust: 0.1

sources: VULHUB: VHN-65544 // BID: 63202 // JVNDB: JVNDB-2013-004818 // CNNVD: CNNVD-201310-493 // NVD: CVE-2013-5542

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20131009-asa	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5542	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5542	Trust: 0.8
url:	http://www.cisco.com/en/us/products/ps6120/index.html	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: VULHUB: VHN-65544 // BID: 63202 // JVNDB: JVNDB-2013-004818 // CNNVD: CNNVD-201310-493 // NVD: CVE-2013-5542

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 63202

SOURCES

db:	VULHUB	id:	VHN-65544
db:	BID	id:	63202
db:	JVNDB	id:	JVNDB-2013-004818
db:	CNNVD	id:	CNNVD-201310-493
db:	NVD	id:	CVE-2013-5542

LAST UPDATE DATE

2024-11-23T21:45:30.985000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-65544	date:	2013-10-21T00:00:00
db:	BID	id:	63202	date:	2013-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2013-004818	date:	2013-10-22T00:00:00
db:	CNNVD	id:	CNNVD-201310-493	date:	2013-10-22T00:00:00
db:	NVD	id:	CVE-2013-5542	date:	2024-11-21T01:57:40.270

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-65544	date:	2013-10-21T00:00:00
db:	BID	id:	63202	date:	2013-10-17T00:00:00
db:	JVNDB	id:	JVNDB-2013-004818	date:	2013-10-22T00:00:00
db:	CNNVD	id:	CNNVD-201310-493	date:	2013-10-22T00:00:00
db:	NVD	id:	CVE-2013-5542	date:	2013-10-21T10:54:30.507