Sign-up

ID

VAR-201312-0237


CVE

CVE-2013-6696


TITLE

Cisco Adaptive Security Appliance Service disruption in software (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-005343

DESCRIPTION

Cisco Adaptive Security Appliance (ASA) Software does not properly handle errors during the processing of DNS responses, which allows remote attackers to cause a denial of service (device reload) via a malformed response, aka Bug ID CSCuj28861. Vendors have confirmed this vulnerability Bug ID CSCuj28861 It is released as.Third-party service disruption via malformed response ( Device reload ) There is a possibility of being put into a state. Cisco ASA Software is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuj28861

Trust: 1.98

sources: NVD: CVE-2013-6696 // JVNDB: JVNDB-2013-005343 // BID: 64037 // VULHUB: VHN-66698

AFFECTED PRODUCTS

vendor:ciscomodel:adaptive security appliance softwarescope:eqversion: -

Trust: 1.6

vendor:ciscomodel:adaptive security appliancescope:eqversion:*

Trust: 1.0

vendor:ciscomodel:adaptive security appliancescope: - version: -

Trust: 0.8

vendor:ciscomodel:adaptive security appliance softwarescope:lteversion:9.1(.3)

Trust: 0.8

sources: JVNDB: JVNDB-2013-005343 // CNNVD: CNNVD-201312-027 // NVD: CVE-2013-6696

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-6696
value: HIGH

Trust: 1.0

NVD: CVE-2013-6696
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201312-027
value: HIGH

Trust: 0.6

VULHUB: VHN-66698
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-6696
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-66698
severity: HIGH
baseScore: 7.1
vectorString: AV:N/AC:M/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-66698 // JVNDB: JVNDB-2013-005343 // CNNVD: CNNVD-201312-027 // NVD: CVE-2013-6696

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-66698 // JVNDB: JVNDB-2013-005343 // NVD: CVE-2013-6696

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201312-027

TYPE

input validation

Trust: 0.6

sources: CNNVD: CNNVD-201312-027

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-005343

PATCH
title:Cisco ASA Malformed DNS Reply Denial of Service Vulnerabilityurl:http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6696
Trust: 0.8
title:31961url:http://tools.cisco.com/security/center/viewAlert.x?alertId=31961
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2013-005343

EXTERNAL IDS
db:NVDid:CVE-2013-6696
Trust: 2.8
db:JVNDBid:JVNDB-2013-005343
Trust: 0.8
db:CNNVDid:CNNVD-201312-027
Trust: 0.7
db:CISCOid:20131202 CISCO ASA MALFORMED DNS REPLY DENIAL OF SERVICE VULNERABILITY
Trust: 0.6
db:BIDid:64037
Trust: 0.4
db:VULHUBid:VHN-66698
Trust: 0.1
sources:
            
            
            VULHUB: VHN-66698 // 
            
            
            
            BID: 64037 // 
            
            
            
            JVNDB: JVNDB-2013-005343 // 
            
            
            
            CNNVD: CNNVD-201312-027 // 
            
            
            
            NVD: CVE-2013-6696

REFERENCES
url:http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-6696
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6696
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6696
Trust: 0.8
url:http://www.cisco.com/
Trust: 0.3
sources:
            
            
            VULHUB: VHN-66698 // 
            
            
            
            BID: 64037 // 
            
            
            
            JVNDB: JVNDB-2013-005343 // 
            
            
            
            CNNVD: CNNVD-201312-027 // 
            
            
            
            NVD: CVE-2013-6696

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 64037

SOURCES
db:VULHUBid:VHN-66698
db:BIDid:64037
db:JVNDBid:JVNDB-2013-005343
db:CNNVDid:CNNVD-201312-027
db:NVDid:CVE-2013-6696

LAST UPDATE DATE
2024-11-23T23:05:48.714000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-66698date:2014-03-04T00:00:00
db:BIDid:64037date:2013-12-10T00:57:00
db:JVNDBid:JVNDB-2013-005343date:2013-12-04T00:00:00
db:CNNVDid:CNNVD-201312-027date:2013-12-04T00:00:00
db:NVDid:CVE-2013-6696date:2024-11-21T01:59:34.337

SOURCES RELEASE DATE
db:VULHUBid:VHN-66698date:2013-12-02T00:00:00
db:BIDid:64037date:2013-12-02T00:00:00
db:JVNDBid:JVNDB-2013-005343date:2013-12-04T00:00:00
db:CNNVDid:CNNVD-201312-027date:2013-12-04T00:00:00
db:NVDid:CVE-2013-6696date:2013-12-02T22:55:36.443