CVE-2013-5557 — Cisco Adaptive Security Appliance Software vulnerability

4 documents4 sources

Severity

6.3MEDIUMNVD

EPSS

0.3%

top 42.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Adaptive Security Appliance Software

Timeline

PublishedFeb 7

Latest updateMay 17

Description

The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577.

CVSS vector

AV:N/AC:M/C:N/I:N/A:CExploitability: 6.8 | Impact: 6.9

Affected Packages1 packages

▶NVDcisco/adaptive_security_appliance_software9.1\(2\)

🔴Vulnerability Details

GHSA

GHSA-4gw4-f4xq-52c8: The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9↗2022-05-17

▶

CVEList

CVE-2013-5557: The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9↗2015-02-07

▶

📋Vendor Advisories

Cisco

Cisco Adaptive Security Appliance WebVPN Content Rewriter Denial of Service Vulnerability↗2015-02-06

▶