exploitDog

CVE-2013-1195

Опубликовано: 24 апр. 2013

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass intended access restrictions by sending network traffic during denied time periods, aka Bug IDs CSCuf79091 and CSCug45850.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1195
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1195
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:h:cisco:firewall_services_module:*:*:*:*:*:*:*:*

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.00156

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-x68x-wjx6-mq7m

github

больше 3 лет назад

The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass intended access restrictions by sending network traffic during denied time periods, aka Bug IDs CSCuf79091 and CSCug45850.

EPSS

Процентиль: 37%

0.00156

Низкий

5 Medium

CVSS2

Дефекты

CWE-264