CVE-2013-5542 โ€” Improper Input Validation in Cisco Adaptive Security Appliance Software

CWE-399CWE-20 โ€” Improper Input ValidationCWE-2644 documents4 sources
Severity
8.5HIGHNVD
EPSS
0.8%
top 25.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Adaptive Security Appliance Software
Timeline
PublishedOct 21
Latest updateMay 17

Description

Cisco Adaptive Security Appliance (ASA) Software 8.4 before 8.4(7.2), 8.7 before 8.7(1.8), 9.0 before 9.0(3.6), and 9.1 before 9.1(2.8) allows remote attackers to cause a denial of service (firewall-session disruption or device reload) via crafted ICMP packets, aka Bug ID CSCui77398.

CVSS vector

AV:N/AC:L/C:N/I:P/A:CExploitability: 10.0 | Impact: 7.8

Affected Packages1 packages

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-472v-pch8-9jrf: Cisco Adaptive Security Appliance (ASA) Software 8โ†—2022-05-17
โ–ถ
CVEList
CVE-2013-5542: Cisco Adaptive Security Appliance (ASA) Software 8โ†—2013-10-21
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Cisco
Multiple Vulnerabilities in Cisco ASA Softwareโ†—2013-10-09
โ–ถ
CVE-2013-5542 โ€” Improper Input Validation in Cisco | cvebase