CVE-2013-3463

Опубликовано: 30 авг. 2013

Источник: nvd

CVSS2: 4.3

EPSS Низкий

Описание

The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=30607
Vendor Advisory
http://www.securityfocus.com/bid/62068
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1028968
Third Party Advisory
VDB Entry
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3463
Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=30607
Vendor Advisory
http://www.securityfocus.com/bid/62068
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1028968
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01166

Низкий

4.3 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-5f5m-7p6h-2wm4

github

больше 3 лет назад