Published: 13/10/2013 Updated: 15/08/2023

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x prior to 8.2(5.46), 8.3.x prior to 8.3(2.39), 8.4.x prior to 8.4(6), 8.5.x prior to 8.5(1.18), 8.6.x prior to 8.6(1.12), 8.7.x prior to 8.7(1.7), 9.0.x prior to 9.0(3.1), and 9.1.x prior to 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote malicious users to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco adaptive security appliance software 8.3.1
cisco adaptive security appliance software 8.2.2
cisco adaptive security appliance software 8.2.1
cisco adaptive security appliance software 8.3.2
cisco adaptive security appliance software 8.3\\(2.34\\)
cisco adaptive security appliance software 8.2.3
cisco adaptive security appliance software 8.2\\(5.38\\)
cisco adaptive security appliance software 8.2\\(3\\)
cisco adaptive security appliance software 8.2\\(4\\)
cisco adaptive security appliance software 8.2\\(3.9\\)
cisco adaptive security appliance software 8.2\\(5\\)
cisco adaptive security appliance software 8.2\\(2\\)
cisco adaptive security appliance software 8.3\\(2\\)
cisco adaptive security appliance software 8.2\\(4.4\\)
cisco adaptive security appliance software 8.2\\(5.35\\)
cisco adaptive security appliance software 8.2
cisco adaptive security appliance software 8.2\\(1\\)
cisco adaptive security appliance software 8.3\\(1\\)
cisco adaptive security appliance software 8.3\\(2.37\\)
cisco adaptive security appliance software 8.2\\(4.1\\)
cisco adaptive security appliance software 8.4\\(1.11\\)
cisco adaptive security appliance software 8.4\\(2\\)
cisco adaptive security appliance software 8.4\\(4.11\\)
cisco adaptive security appliance software 8.4\\(5\\)
cisco adaptive security appliance software 8.4\\(2.11\\)
cisco adaptive security appliance software 8.4\\(1\\)
cisco adaptive security appliance software 8.4\\(3\\)
cisco adaptive security appliance software 8.4
cisco adaptive security appliance software 8.6\\(1\\)
cisco adaptive security appliance software 8.6\\(1.10\\)
cisco adaptive security appliance software 8.5
cisco adaptive security appliance software 8.6\\(1.3\\)
cisco adaptive security appliance software 8.5\\(1\\)
cisco adaptive security appliance software 8.5\\(1.17\\)
cisco adaptive security appliance software 8.5\\(1.4\\)
cisco adaptive security appliance software 8.6
cisco adaptive security appliance software 8.7.1
cisco adaptive security appliance software 9.0
cisco adaptive security appliance software 8.7\\(1.3\\)
cisco adaptive security appliance software 8.7.1.1
cisco adaptive security appliance software 9.1
cisco adaptive security appliance software 9.1\\(1.7\\)

Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities: IPsec VPN Crafted ICMP Packet Denial of Service Vulnerability SQL*Net Inspection Engine Denial of Service Vulnerability Digital Certificate Authentication Bypass Vulnerability Remote Access VPN Authentication Bypass Vulnerability Digi ...

CWE-287 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5511 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa

CVE-2013-5511

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect