CiscoCISCO-SA-20111005-FWSMMultiple Vulnerabilities in Cisco Firewall Services Module
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
80.3%
The Cisco Firewall Services Module (FWSM) for the Cisco Catalyst 6500 Series switches and Cisco 7600 Series routers is affected by the following vulnerabilities:
Syslog Message Memory Corruption Denial of Service Vulnerability
Authentication Proxy Denial of Service Vulnerability
TACACS+ Authentication Bypass Vulnerability
Sun Remote Procedure Call (SunRPC) Inspection Denial of Service Vulnerabilities
Internet Locator Server (ILS) Inspection Denial of Service Vulnerability
These vulnerabilities are not interdependent; a release that is affected by one vulnerability is not necessarily affected by the others.
Cisco has released software updates that address these vulnerabilities. Workarounds are available for some of the vulnerabilities disclosed in this advisory.
This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-fwsm [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-fwsm”].
Note: Cisco ASA 5500 Series Adaptive Security Appliances and the Cisco Catalyst 6500 Series ASA Services Module are affected by some of the vulnerabilities described in this advisory. A separate Cisco Security Advisory has been published to disclose these and other vulnerabilities that affect the Cisco ASA 5500 Series Adaptive Security Appliances and the Cisco Catalyst 6500 Series ASA Services Module. The advisory is available at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-asa [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111005-asa”].
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | firewall_services_module | any | cpe:2.3:h:cisco:firewall_services_module:any:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 7.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.0 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.3 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.4 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 8.5 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 7.2.2.34 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2.34:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance_software | 7.2.3.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.3.1:*:*:*:*:*:*:* |
Related
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
80.3%