nvd-json-data-feeds/CVE-2013/CVE-2013-34xx/CVE-2013-3415.json

{
  "id": "CVE-2013-3415",
  "sourceIdentifier": "psirt@cisco.com",
  "published": "2013-10-13T10:20:03.740",
  "lastModified": "2024-11-21T01:53:35.523",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737."
    },
    {
      "lang": "es",
      "value": "Cisco Adaptive Security Appliance (ASA) Software 8.4.x anteriores a 8.4(3) y 8.6.x aanteriores 8.6(1.3) no maneja apropiadamente la memorua hasta la desconexi\u00f3n de un cliente VPN AnyConnect SSL, lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria, y corte de redirecci\u00f3n o cuelgue de sistema) a trav\u00e9s de paquetes a la direcci\u00f3n IP de la m\u00e1quina desconectada, tambien conocido como Bug ID CSCtt36737."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "baseScore": 7.8,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "availabilityImpact": "COMPLETE"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2.11\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "4956430E-BEC1-4788-B0D2-E50E36C70306"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BFCE154-6582-49E2-9B9D-641986B7D653"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "563181F6-6A37-496B-AE25-0D03214BA7BD"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6\\(1.10\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "3CF663E3-9CA5-4E11-B58F-CAC012F2C397"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa",
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3415",
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3415",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    }
  ]
}