CVE-2013-3415

2013-10-1310:20:03

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.7

Confidence

High

EPSS

0.002

Percentile

56.0%

JSON

Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine’s IP address, aka Bug ID CSCtt36737.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareMatch8.4

ciscoadaptive_security_appliance_softwareMatch8.4\(1\)

ciscoadaptive_security_appliance_softwareMatch8.4\(1.11\)

ciscoadaptive_security_appliance_softwareMatch8.4\(2\)

ciscoadaptive_security_appliance_softwareMatch8.4\(2.11\)

ciscoadaptive_security_appliance_softwareMatch8.6

ciscoadaptive_security_appliance_softwareMatch8.6\(1\)

ciscoadaptive_security_appliance_softwareMatch8.6\(1.10\)

VendorProductVersionCPE
ciscoadaptive_security_appliance_software8.4cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.4(1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(1\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.4(1.11)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(1.11\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.4(2)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(2\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.4(2.11)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(2.11\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.6cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.6(1)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\(1\):*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software8.6(1.10)cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\(1.10\):*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	8.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:::::::*
cisco	adaptive_security_appliance_software	8.4(1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(1\):::::::*
cisco	adaptive_security_appliance_software	8.4(1.11)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(1.11\):::::::*
cisco	adaptive_security_appliance_software	8.4(2)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(2\):::::::*
cisco	adaptive_security_appliance_software	8.4(2.11)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(2.11\):::::::*
cisco	adaptive_security_appliance_software	8.6	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:::::::*
cisco	adaptive_security_appliance_software	8.6(1)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\(1\):::::::*
cisco	adaptive_security_appliance_software	8.6(1.10)	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\(1.10\):::::::*