CVE-2013-5512

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2013-5512
Race condition in the HTTP Deep Packet Inspection (DPI) feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(5.5), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.4), 9.0.x before 9.0(1.4), and 9.1.x before 9.1(1.2), in certain conditions involving the spoof-server option or ActiveX or Java response inspection, allows remote attackers to cause a denial of service (device reload) via a crafted HTTP response, aka Bug ID CSCud37992.

7.1 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References
Link Resource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5512 Vendor Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(1.11\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(2.11\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(4.1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(4.4\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(5\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.7\(1.3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.6\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(5.35\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(3.9\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.6\(1.10\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(5\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(2.34\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.6\(1.3\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.4\(4.11\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:9.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(1\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.2\(5.38\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.5\(1.17\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(2\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:8.3\(2.37\):*:*:*:*:*:*:*
cpe:2.3:a:cisco:adaptive_security_appliance_software:9.1:*:*:*:*:*:*:*
Information

Published : 2013-10-13 03:20

Updated : 2016-11-01 11:07

NVD link : CVE-2013-5512

Mitre link : CVE-2013-5512

JSON object : View

CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Advertisement

dedicated server usa
Products Affected

cisco

  • adaptive_security_appliance_software