CVE-2007-0962

CWE-3994 documents4 sources

Severity

7.8HIGH

EPSS

4.4%

top 10.95%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

3

Cisco ASA 5500 Cisco Firewall Services Module Cisco PIX Firewall Software

Timeline

PublishedFeb 16

Latest updateMay 1

Description

Cisco PIX 500 and ASA 5500 Series Security Appliances 7.0 before 7.0(4.14) and 7.1 before 7.1(2.1), and the FWSM 2.x before 2.3(4.12) and 3.x before 3.1(3.24), when "inspect http" is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed HTTP traffic.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages3 packages

▶NVDcisco/asa_55007.0, 7.1+1

▶NVDcisco/firewall_services_module2.3, 3.1+1

▶NVDcisco/pix_firewall_software7.0, 7.1+1

Patches

Patch: secunia.com ↗Patch: securitytracker.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-995f-73jj-h5f7: Cisco PIX 500 and ASA 5500 Series Security Appliances 7↗2022-05-01

▶

CVEList

CVE-2007-0962: Cisco PIX 500 and ASA 5500 Series Security Appliances 7↗2007-02-16

▶

📋Vendor Advisories

1

Cisco

Cisco Firewall Services Module, PIX, and ASA Malformed HTTP Requests Denial of Service Vulnerability↗2007-02-14

▶

CVE-2007-0962 (HIGH CVSS 7.8) | Cisco PIX 500 and ASA 5500 Series S | cvebase.io