exploitDog

CVE-2013-1194

Опубликовано: 18 апр. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html
Broken Link
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194
Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html
Broken Link
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00375

Низкий

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

GHSA-2p73-3mwf-5gr7

github

больше 3 лет назад

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.

EPSS

Процентиль: 59%

0.00375

Низкий

5 Medium

CVSS2

Дефекты

CWE-200