CVE-2010-0566

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/38278
http://secunia.com/advisories/38618	Vendor Advisory
http://www.securitytracker.com/id?1023612
http://www.vupen.com/english/advisories/2010/0415	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Vendor Advisory
http://osvdb.org/62431
https://exchange.xforce.ibmcloud.com/vulnerabilities/56340

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:h:cisco:asa_5500:7.1:::::::*
	cpe:2.3:h:cisco:asa_5500:8.0:::::::*
	cpe:2.3:h:cisco:asa_5500:8.1:::::::*
	cpe:2.3:h:cisco:asa_5500:8.2:::::::*
	cpe:2.3:h:cisco:asa_5500:7.2:::::::*
	cpe:2.3:h:cisco:pix_500::::::::

Information

Published : 2010-02-19 09:30

Updated : 2017-08-16 18:32

NVD link : CVE-2010-0566

Mitre link : CVE-2010-0566

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

cisco

asa_5500
pix_500

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/38278", "name": "38278", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/38618", "name": "38618", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.securitytracker.com/id?1023612", "name": "1023612", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.vupen.com/english/advisories/2010/0415", "name": "ADV-2010-0415", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml", "name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://osvdb.org/62431", "name": "62431", "tags": [], "refsource": "OSVDB"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340", "name": "cisco-asa-nat-aipssm-dos(56340)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-0566", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-02-19T17:30Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-17T01:32Z"}