Published: 08/01/2014 Updated: 29/08/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Adaptive Security Appliance

The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote malicious users to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco adaptive security appliance

A vulnerability in RADIUS Change of Authorization (CoA) messages of the Identity Firewall (IDFW) feature of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to modify the contents of the IDFW user cache The vulnerability is due to insufficient validation of received RADIUS CoA messages An attacker could ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0655 http://secunia.com/advisories/56366 http://tools.cisco.com/security/center/viewAlert.x?alertId=32362 http://www.securityfocus.com/bid/64700 http://osvdb.org/101838 http://www.securitytracker.com/id/1029575 https://exchange.xforce.ibmcloud.com/vulnerabilities/90164 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20140108-CVE-2014-0655

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2014-0655

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect