CVE-2012-3058 — Race Condition in Cisco Application Control Engine Software

CWE-362 — Race Condition7 documents4 sources

Severity

7.8HIGHNVD

NVD7.1

EPSS

1.0%

top 23.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Application Control Engine Software Cisco Adaptive Security Appliance Software

Timeline

PublishedJun 20

Latest updateMay 17

Description

Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.4 before 8.4(4.1), 8.5 before 8.5(1.11), and 8.6 before 8.6(1.3) allow remote attackers to cause a denial of service (device reload) via IPv6 transit traffic that triggers syslog message 110003, aka Bug ID CSCua27134.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages2 packages

▶NVDcisco/adaptive_security_appliance_software9 versions+8

▶NVDcisco/application_control_engine_softwarea4\(2.0\)+18

🔴Vulnerability Details

GHSA

GHSA-5j99-hfph-3fvm: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software↗2022-05-17

▶

GHSA

GHSA-7gv3-h552-264c: Cisco Application Control Engine (ACE) before A4(2↗2022-05-17

▶

CVEList

CVE-2012-3058: Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software↗2012-06-20

▶

CVEList

CVE-2012-3063: Cisco Application Control Engine (ACE) before A4(2↗2012-06-20

▶

📋Vendor Advisories

Cisco

Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability↗2012-06-20

▶