Lucene search
CiscoCVE-2013-1194HistoryApr 18, 2013 - 6:55 p.m.
CVE-2013-1194
2013-04-1818:55:06
CWE-200
cisco
web.nvd.nist.gov
33
cisco
asa
isakmp
vpn
remote attackers
enumeration
ike aggressive-mode
bug id
cscue73708
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
52.2%
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareMatch-
ciscoadaptive_security_appliance
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | adaptive_security_appliance | cpe:/h:cisco:adaptive_security_appliance:::: | |
| cisco | adaptive_security_appliance_software | - | cpe:/o:cisco:adaptive_security_appliance_software:-::: |
Related
packetstorm
packetstorm
Cisco IKE Implementation Group Name Enumeration
2013-04-19 00:00:00
prion
prion
Information disclosure
2013-04-18 18:55:00
securityvulns
securityvulns
Cisco ASA / FWSM multiple security vulnerabilities
2013-04-22 00:00:00
nvd
nvd
CVE-2013-1194
2013-04-18 18:55:06
cvelist
cvelist
CVE-2013-1194
2013-04-18 18:00:00
cisco
cisco
Cisco ASA Software VPN Group Enumeration Vulnerability
2013-04-18 14:22:26
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
6.8
Confidence
Low
EPSS
0.002
Percentile
52.2%
Related for CVE-2013-1194