CVE-2013-5567

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 14-07-2014 11:55

Last modified: - 02-06-2022 05:48

Total changes: - 2

Description

Cisco Adaptive Security Appliance (ASA) Software 8.4(.6) and earlier, when using an unsupported configuration with overlapping criteria for filtering and inspection, allows remote attackers to cause a denial of service (traffic loop and device crash) via a packet that triggers multiple matches, aka Bug ID CSCui45606.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:N/I:N/A:C

High

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

5.4

Base score

4.9

6.9

Exploitability score

Impact score

Verification logic

vendor=cisco AND product=adaptive_security_appliance_software AND versionEndIncluding=8.4\(6\)

Reference

20140710 Cisco ASA Filter and Inspect Overlap Denial of Service Vulnerability-Broken Link, Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=34911
1030555-Broken Link, Third Party Advisory, VDB Entry
68504-Third Party Advisory, VDB Entry
cisco-asa-cve20135567-dos(94445)-Third Party Advisory, VDB Entry

Keywords

CVE-2013-5567

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2013-5567

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures