CVE-2010-2814

Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/42196
http://secunia.com/advisories/40842	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:adaptive_security_appliance:8.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(3\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(5\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0:::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.7\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.14\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(1.22\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.1\(1\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.1\(2\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(5\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.48\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.2\(2\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.5\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(2\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.8\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(3\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.0\(4\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.17\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.19\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:8.2\(1\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.15\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.16\):::::::*
	cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\(2.10\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance:7.2\(4\):::::::*

OR	cpe:2.3:h:cisco:asa_5550::::::::
	cpe:2.3:h:cisco:pix_500::::::::
	cpe:2.3:h:cisco:pix_firewall_520::::::::
	cpe:2.3:h:cisco:pix_firewall_535::::::::
	cpe:2.3:h:cisco:pix_501::::::::
	cpe:2.3:h:cisco:pix_506e::::::::
	cpe:2.3:h:cisco:pix_firewall_506::::::::
	cpe:2.3:h:cisco:pix_firewall_515::::::::
	cpe:2.3:h:cisco:asa_5505::::::::
	cpe:2.3:h:cisco:asa_5500::::::::
	cpe:2.3:h:cisco:asa_5510::::::::
	cpe:2.3:h:cisco:asa_5520::::::::
	cpe:2.3:h:cisco:pix_firewall_525::::::::
	cpe:2.3:h:cisco:asa_5580::::::::
	cpe:2.3:h:cisco:asa_5540::::::::

Information

Published : 2010-08-09 04:58

Updated : 2018-10-30 09:26

NVD link : CVE-2010-2814

Mitre link : CVE-2010-2814

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

cisco

pix_501
asa_5510
pix_firewall_506
asa_5540
adaptive_security_appliance_software
asa_5505
asa_5550
asa_5500
asa_5580
asa_5520
pix_506e
pix_firewall_515
pix_firewall_525
pix_firewall_535
adaptive_security_appliance
pix_firewall_520
pix_500

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml", "name": "20100804 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["Patch", "Vendor Advisory"], "refsource": "CISCO"}, {"url": "http://www.securityfocus.com/bid/42196", "name": "42196", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/40842", "name": "40842", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-2814", "ASSIGNER": "psirt@cisco.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "severity": "HIGH", "impactScore": 6.9, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-08-09T11:58Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(5\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.7\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.14\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(1.22\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.1\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(5\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.48\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.5\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.8\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(3\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.0\\(4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.17\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.19\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:8.2\\(1\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.15\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.16\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:cisco:adaptive_security_appliance_software:7.2\\(2.10\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:cisco:adaptive_security_appliance:7.2\\(4\\):*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:cisco:asa_5550:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_520:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_535:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_501:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_506e:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_506:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_515:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5505:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5510:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5520:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:pix_firewall_525:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5580:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:h:cisco:asa_5540:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2018-10-30T16:26Z"}

7.8 /10