CVE-2011-2060 — Cisco Adaptive Security Appliance Software vulnerability

CWE-3993 documents3 sources

Severity

4.9MEDIUMNVD

EPSS

0.1%

top 79.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software

Timeline

PublishedOct 22

Latest updateMay 17

Description

The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 before 8.2(5.3), 8.3 before 8.3(2.20), and 8.4 before 8.4(2.1) does not properly handle non-ASCII characters in an interface description, which allows local users to cause a denial of service (reload without configuration) via a crafted description, aka Bug ID CSCtq50523.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/adaptive_security_appliance_software71 versions+70

🔴Vulnerability Details

GHSA

GHSA-98f6-wwrg-769f: The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8↗2022-05-17

▶

CVEList

CVE-2011-2060: The platform-sw component on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8↗2011-10-22

▶