CVE-2010-0149

CWE-287Improper AuthenticationCWE-3994 documents4 sources
Severity
7.8HIGH
EPSS
0.4%
top 38.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco ASA 5500
Timeline
PublishedFeb 19
Latest updateMay 2

Description

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability."

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

NVDcisco/asa_55005 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-p9qf-76h3-fg7r: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 72022-05-02
CVEList
CVE-2010-0149: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 72010-02-19

📋Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances2010-02-17
CVE-2010-0149 (HIGH CVSS 7.8) | Unspecified vulnerability in Cisco | cvebase.io