CVE-2008-0028

CWE-3994 documents4 sources

Severity

7.1HIGH

EPSS

1.8%

top 17.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software Cisco PIX Firewall Software

Timeline

PublishedJan 23

Latest updateMay 1

Description

Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 8.6 | Impact: 6.9

Affected Packages2 packages

▶NVDcisco/adaptive_security_appliance_software< 7.2\(3\)6+1

▶NVDcisco/pix_firewall_software< 7.2\(3\)6+1

🔴Vulnerability Details

GHSA

GHSA-cj9p-7339-g76g: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7↗2022-05-01

▶

CVEList

CVE-2008-0028: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7↗2008-01-23

▶

📋Vendor Advisories

Cisco

Cisco PIX and ASA Time-to-Live Vulnerability↗2008-01-23

▶