CVE-2012-2474

Published Aug 6, 2012

Last updated a year ago

Overview

Description: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank response page) by using the clientless WebVPN feature, aka Bug ID CSCth34278.
Source: ykramarz@cisco.com
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-200

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "785388F5-E76A-4762-B498-35F69CE537AA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22E1D918-A52E-4892-9D0D-EE3E21853BD2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "333BCB8C-5B17-4EF7-9BFF-0F6B038BE38F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CA8018B5-4392-4D14-A017-80D325FBCB2C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C15D1F6-997D-47FD-A654-AEF3332E6105"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5990B883-0B5A-44F0-B4DC-8031ED0F2026"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5A002AD-3EB0-43CB-AFAF-4A44DAF11007"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7F417BC-5835-4F29-8DB6-03A62B7B2364"
          },
          {
            "criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References