CVE-2012-0355 โ€” Improper Input Validation in Cisco Adaptive Security Appliance Software

CWE-20 โ€” Improper Input Validation4 documents4 sources
Severity
7.8HIGHNVD
EPSS
1.5%
top 18.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Adaptive Security Appliance Software
Timeline
PublishedMar 15
Latest updateMay 4

Description

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(2.11) and 8.5 before 8.5(1.4) allow remote attackers to cause a denial of service (device reload) via (1) IPv4 or (2) IPv6 packets that trigger syslog message 305006, aka Bug ID CSCts39634.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-vjpx-c5qv-q876: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with softwareโ†—2022-05-04
โ–ถ
CVEList
CVE-2012-0355: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with softwareโ†—2012-03-15
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Moduleโ†—2012-03-14
โ–ถ
CVE-2012-0355 โ€” Improper Input Validation in Cisco | cvebase