Lucene search

CiscoCVE-2012-4659

HistoryOct 29, 2012 - 8:55 p.m.

CVE-2012-4659

2012-10-2920:55:01

CWE-287

cisco

web.nvd.nist.gov

cve-2012-4659

cisco

asa

ssl vpn

denial of service

aaa

nvd

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

High

EPSS

0.006

Percentile

77.8%

JSON

The AAA functionality in the IPv4 SSL VPN implementations on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.2 before 8.2(5.30) and 8.3 before 8.3(2.34) allows remote attackers to cause a denial of service (device reload) via a crafted authentication response, aka Bug ID CSCtz04566.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareMatch8.2

ciscoadaptive_security_appliance_softwareMatch8.2\(1\)

ciscoadaptive_security_appliance_softwareMatch8.2\(2\)

ciscoadaptive_security_appliance_softwareMatch8.2\(3\)

ciscoadaptive_security_appliance_softwareMatch8.2\(3.9\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4.1\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4.4\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5\)

ciscoadaptive_security_appliance_softwareMatch8.3\(1\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2\)

AND

cisco5500_series_adaptive_security_appliance

ciscocatalyst_6500

ciscocatalyst_6503-eMatch-

ciscocatalyst_6504-eMatch-

ciscocatalyst_6506-eMatch-

ciscocatalyst_6509-eMatch-

ciscocatalyst_6509-neb-aMatch-

ciscocatalyst_6509-v-eMatch-

ciscocatalyst_6513Match-

ciscocatalyst_6513-eMatch-

VendorProductVersionCPE
ciscoadaptive_security_appliance_software8.2cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(1\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(2)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(2\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(3)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(3.9)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3.9\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(4)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(4.1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.1\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(4.4)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.4\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(5)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.3(1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\(1\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	8.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:::::::*
cisco	adaptive_security_appliance_software	8.2(1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(1\):::::::*
cisco	adaptive_security_appliance_software	8.2(2)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(2\):::::::*
cisco	adaptive_security_appliance_software	8.2(3)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3\):::::::*
cisco	adaptive_security_appliance_software	8.2(3.9)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3.9\):::::::*
cisco	adaptive_security_appliance_software	8.2(4)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4\):::::::*
cisco	adaptive_security_appliance_software	8.2(4.1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.1\):::::::*
cisco	adaptive_security_appliance_software	8.2(4.4)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.4\):::::::*
cisco	adaptive_security_appliance_software	8.2(5)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5\):::::::*
cisco	adaptive_security_appliance_software	8.3(1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\(1\):::::::*

Rows per page:

1-10 of 211

References

osvdb.org/86137

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-asa

www.securityfocus.com/bid/55865

Social References

CVSS2

7.1

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

AI Score

6.9

Confidence

High

EPSS

0.006

Percentile

77.8%

JSON

Related for CVE-2012-4659