CVE-2015-0678

Published Apr 11, 2015

Last updated 3 months ago

CVSS info 7.8

Overview

Description: The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:asa_with_firepower_services:5.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F831CAB0-9206-4BA4-B888-2B77E96BF5EC"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_with_firepower_services:5.3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EE4A218-A8B8-4408-AA4C-A7A330DBF74F"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_with_firepower_services:5.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E70D4739-02C7-4761-B2E3-4930BEA403B9"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC9743A-641F-4F0A-97FC-5DF8B0333222"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.1-40:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F7F990CF-B6DD-4EE3-B45D-CE4B1110A6DB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A81A0E90-9200-436C-81BC-FA4BF745EEDB"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0.2-68:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "13B6FFEA-4F46-4D20-9821-FE32B57F6145"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.0_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8068EA1D-6AD6-4BF3-AA1F-C8AD0BC8F298"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-29:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A4AE8C1-9BD1-491A-9835-D95F4D90F496"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.2-42:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A0710827-10AD-4DE9-BB0F-B4D072DDC8DA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "96F09A7A-9A3D-4D73-912A-2B01CEABEFBA"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0AA36AEA-6516-41DD-90D3-0504A4CB5231"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.1.3-13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68C47683-C68B-4B84-80F6-FDFF9156991C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AEFA5ADA-E573-447B-AFD9-E37682B57BD9"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1359CC7F-628F-44EB-B36D-FF1210E227B2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16E7AFAD-3A1D-4244-AA61-85B430E8D51C"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.2.1-4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC110506-3E7F-4DD9-99D2-6E04F1E65D29"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3\\(1.1.112\\):*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EA695E3-7E4E-4ECA-8BF6-4B2024DA15D3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.1-1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBAD7032-2FD8-4FAE-8A77-0488EE8ECAF3"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3.2-1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C5E3D601-FE3F-433A-84BD-6F070000BAE2"
          },
          {
            "criteria": "cpe:2.3:o:cisco:asa_cx_context-aware_security_software:9.3_base:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4D9B6425-12DD-44F4-9708-7D7529CB1DE5"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References