CVE-2013-6691

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 14-07-2014 11:55

Last modified: - 02-06-2022 05:49

Total changes: - 2

Description

The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:L/Au:S/C:N/I:N/A:C

Low

Attack complexity

Network

Attack vector

High

Availability

None

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

6.8

Base score

8.0

6.9

Exploitability score

Impact score

Verification logic

vendor=cisco AND product=adaptive_security_appliance_software AND versionEndIncluding=9.0\(4.1\)

Reference

20140711 Cisco ASA CIFS Share Enumeration Denial of Service Vulnerability-Broken Link, Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=34921
68517-Third Party Advisory, VDB Entry
1030565-Broken Link, Third Party Advisory, VDB Entry
cisco-asa-cve20136691-dos(94459)-Third Party Advisory, VDB Entry

Keywords

CVE-2013-6691

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2013-6691

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures