- Description
- The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.
- Source
- ykramarz@cisco.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-200
- Hype score
- Not currently trending
- Comment
- -
- Impact
- Per: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194 'A vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) implementation in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to enumerate remote access VPN groups configured in a Cisco ASA device.'
- Solution
- Per: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194 'A vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) implementation in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to enumerate remote access VPN groups configured in a Cisco ASA device.'
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]