CVE-2010-0151

The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Patch Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/38274
http://secunia.com/advisories/38621	Vendor Advisory
http://www.securitytracker.com/id?1023609
http://www.vupen.com/english/advisories/2010/0418
http://osvdb.org/62432
https://exchange.xforce.ibmcloud.com/vulnerabilities/56333

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:cisco:firewall_services_module:4.0:::::::*
	cpe:2.3:h:cisco:firewall_services_module:4.0\(4\):::::::*
	cpe:2.3:h:cisco:firewall_services_module:4.0\(6\):::::::*

OR	cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:asa_5500::::::::
	cpe:2.3:h:cisco:5580_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5550_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_7600::::::::
	cpe:2.3:h:cisco:5510_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5505_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5540_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5520_series_adaptive_security_appliance::::::::

Information

Published : 2010-02-19 09:30

Updated : 2017-08-16 18:31

NVD link : CVE-2010-0151

Mitre link : CVE-2010-0151

JSON object : View

CWE

NVD-CWE-Other

Products Affected

cisco

5500_series_adaptive_security_appliance
catalyst_7600
asa_5500
5580_series_adaptive_security_appliance
5540_series_adaptive_security_appliance
5520_series_adaptive_security_appliance
catalyst_6500
5505_series_adaptive_security_appliance
firewall_services_module
5510_series_adaptive_security_appliance
5550_series_adaptive_security_appliance

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml", "name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["Patch", "Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml", "name": "20100217 Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability", "tags": ["Patch", "Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/38274", "name": "38274", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/38621", "name": "38621", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1023609", "name": "1023609", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2010/0418", "name": "ADV-2010-0418", "tags": [], "refsource": "VUPEN"}, {"url": "http://osvdb.org/62432", "name": "62432", "tags": [], "refsource": "OSVDB"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56333", "name": "cisco-fwsm-asa-sccp-dos(56333)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-0151", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-02-19T17:30Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:firewall_services_module:4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(6\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:5580_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:5550_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:5510_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:5505_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:5540_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:cisco:5520_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:31Z"}

7.8 /10