Lucene search
CiscoCVE-2013-3463HistoryAug 30, 2013 - 1:55 a.m.
CVE-2013-3463
2013-08-3001:55:08
CWE-264
cisco
web.nvd.nist.gov
29
cisco
asa
protocol inspection
vulnerability
denial of service
cve-2013-3463
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
High
EPSS
0.003
Percentile
69.3%
The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.
Affected configurations
Node
ciscoadaptive_security_appliance_softwareMatch-
ciscoadaptive_security_appliance
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | adaptive_security_appliance_software | - | cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:* |
| cisco | adaptive_security_appliance | * | cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-3463
2013-08-30 01:00:00
cisco
cisco
Cisco ASA Protocol Inspection Connection Table Denial of Service Vulnerability
2013-08-30 14:22:11
nvd
nvd
CVE-2013-3463
2013-08-30 01:55:08
prion
prion
Input validation
2013-08-30 01:55:00
threatpost
threatpost
Cisco Issues Four Security Advisories
2013-09-03 14:46:08
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
6.9
Confidence
High
EPSS
0.003
Percentile
69.3%
Related for CVE-2013-3463