Vulnerability CVE-2010-2814
Published: 2010-08-09   Modified: 2012-02-13

Description:
Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Adaptive security appliance 
Cisco -> Asa 5500 
Cisco -> Adaptive security appliance software 
Cisco -> Asa 5505 
Cisco -> Asa 5510 
Cisco -> Asa 5520 
Cisco -> Asa 5540 
Cisco -> Asa 5550 
Cisco -> Asa 5580 
Cisco -> Pix 500 
Cisco -> Pix 501 
Cisco -> Pix 506e 
Cisco -> Pix firewall 506 
Cisco -> Pix firewall 515 
Cisco -> Pix firewall 520 
Cisco -> Pix firewall 525 
Cisco -> Pix firewall 535 

 References:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b3f12f.shtml
http://www.securityfocus.com/bid/42196
Copyright 2024, cxsecurity.com

 

Back to Top