CVE-2007-0965

4 documents4 sources

Severity

7.8HIGH

EPSS

1.5%

top 18.60%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Firewall Services Module

Timeline

PublishedFeb 16

Latest updateMay 1

Description

Cisco FWSM 3.x before 3.1(3.2), when authentication is configured to use "aaa authentication match" or "aaa authentication include", allows remote attackers to cause a denial of service (device reboot) via a long HTTP request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/firewall_services_module3.1

Patches

Patch: www.cisco.com ↗Patch: www.cisco.com ↗

🔴Vulnerability Details

GHSA

GHSA-55jx-r3w8-7667: Cisco FWSM 3↗2022-05-01

▶

CVEList

CVE-2007-0965: Cisco FWSM 3↗2007-02-16

▶

💬Community

Bugzilla

CVE-2007-5770 ruby insufficient verification of SSL certificate in various net::* modules↗2007-11-01

▶