Lucene search

CiscoCVE-2013-5511

HistoryOct 13, 2013 - 10:20 a.m.

CVE-2013-5511

2013-10-1310:20:04

CWE-287

cisco

web.nvd.nist.gov

cisco

adaptive security appliance

asdm

remote management

authentication bypass

tcp session

cve-2013-5511

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

Low

EPSS

0.004

Percentile

75.3%

JSON

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareMatch8.2

ciscoadaptive_security_appliance_softwareMatch8.2\(1\)

ciscoadaptive_security_appliance_softwareMatch8.2\(2\)

ciscoadaptive_security_appliance_softwareMatch8.2\(3\)

ciscoadaptive_security_appliance_softwareMatch8.2\(3.9\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4.1\)

ciscoadaptive_security_appliance_softwareMatch8.2\(4.4\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5.35\)

ciscoadaptive_security_appliance_softwareMatch8.2\(5.38\)

ciscoadaptive_security_appliance_softwareMatch8.2.1

ciscoadaptive_security_appliance_softwareMatch8.2.2

ciscoadaptive_security_appliance_softwareMatch8.2.2interim

ciscoadaptive_security_appliance_softwareMatch8.2.3

ciscoadaptive_security_appliance_softwareMatch8.3\(1\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2.34\)

ciscoadaptive_security_appliance_softwareMatch8.3\(2.37\)

ciscoadaptive_security_appliance_softwareMatch8.3.1

ciscoadaptive_security_appliance_softwareMatch8.3.1interim

ciscoadaptive_security_appliance_softwareMatch8.3.2

ciscoadaptive_security_appliance_softwareMatch8.4

ciscoadaptive_security_appliance_softwareMatch8.4\(1\)

ciscoadaptive_security_appliance_softwareMatch8.4\(1.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(2\)

ciscoadaptive_security_appliance_softwareMatch8.4\(2.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(3\)

ciscoadaptive_security_appliance_softwareMatch8.4\(4.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(5\)

ciscoadaptive_security_appliance_softwareMatch8.5

ciscoadaptive_security_appliance_softwareMatch8.5\(1\)

ciscoadaptive_security_appliance_softwareMatch8.5\(1.4\)

ciscoadaptive_security_appliance_softwareMatch8.5\(1.17\)

ciscoadaptive_security_appliance_softwareMatch8.6

ciscoadaptive_security_appliance_softwareMatch8.6\(1\)

ciscoadaptive_security_appliance_softwareMatch8.6\(1.3\)

ciscoadaptive_security_appliance_softwareMatch8.6\(1.10\)

ciscoadaptive_security_appliance_softwareMatch8.7\(1.3\)

ciscoadaptive_security_appliance_softwareMatch8.7.1

ciscoadaptive_security_appliance_softwareMatch8.7.1.1

ciscoadaptive_security_appliance_softwareMatch9.0

ciscoadaptive_security_appliance_softwareMatch9.1

ciscoadaptive_security_appliance_softwareMatch9.1\(1.7\)

VendorProductVersionCPE
ciscoadaptive_security_appliance_software8.2cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(1\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(2)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(2\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(3)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(3.9)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3.9\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(4)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(4.1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.1\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(4.4)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.4\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(5)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.2(5.35)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5.35\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	8.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:::::::*
cisco	adaptive_security_appliance_software	8.2(1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(1\):::::::*
cisco	adaptive_security_appliance_software	8.2(2)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(2\):::::::*
cisco	adaptive_security_appliance_software	8.2(3)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3\):::::::*
cisco	adaptive_security_appliance_software	8.2(3.9)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3.9\):::::::*
cisco	adaptive_security_appliance_software	8.2(4)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4\):::::::*
cisco	adaptive_security_appliance_software	8.2(4.1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.1\):::::::*
cisco	adaptive_security_appliance_software	8.2(4.4)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.4\):::::::*
cisco	adaptive_security_appliance_software	8.2(5)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5\):::::::*
cisco	adaptive_security_appliance_software	8.2(5.35)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5.35\):::::::*