Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2013-3415 | First vendor Publication | 2013-10-13 |
| Vendor | Cve | Last vendor Modification | 2023-08-15 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 7.8 | Attack Range | Network |
| Cvss Impact Score | 6.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3415 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2013-10-17 | IAVM : 2013-A-0192 - Multiple Vulnerabilities in Cisco ASA Severity : Category I - VMSKEY : V0040780 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-11-16 | Cisco ASA SQLNet inspection engine denial of service attempt RuleID : 31667 - Revision : 3 - Type : SERVER-OTHER |
| 2014-11-16 | Cisco ASA SQLNet inspection engine denial of service attempt RuleID : 31666 - Revision : 3 - Type : SERVER-OTHER |
| 2014-11-16 | Cisco ASA SQLNet inspection engine denial of service attempt RuleID : 31665 - Revision : 3 - Type : SERVER-OTHER |
| 2014-11-16 | Cisco ASA SQLNet inspection engine denial of service attempt RuleID : 31664 - Revision : 3 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-10-17 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20131009-asa.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
| Source | Url |
|---|---|
| CISCO | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa... http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3415 |
Alert History
| Date | Informations |
|---|---|
| 2023-08-15 21:28:40 |
|
| 2021-05-04 12:26:56 |
|
| 2021-04-22 01:32:37 |
|
| 2020-05-23 00:37:41 |
|
| 2016-11-02 00:29:37 |
|
| 2014-02-17 11:20:59 |
|
| 2013-12-20 13:19:26 |
|
| 2013-11-11 12:40:35 |
|
| 2013-10-15 21:22:40 |
|
| 2013-10-13 17:20:45 |
|
