CVE-2010-0151

The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message.

CVSS v2.0 7.8 HIGH

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability : 10.0 / Impact : 6.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/62432
http://secunia.com/advisories/38621	Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml	Patch Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml	Patch Vendor Advisory
http://www.securityfocus.com/bid/38274
http://www.securitytracker.com/id?1023609
http://www.vupen.com/english/advisories/2010/0418
https://exchange.xforce.ibmcloud.com/vulnerabilities/56333

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:h:cisco:firewall_services_module:4.0:::::::*
	cpe:2.3:h:cisco:firewall_services_module:4.0\(4\):::::::*
	cpe:2.3:h:cisco:firewall_services_module:4.0\(6\):::::::*

OR	cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5505_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5510_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5520_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5540_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5550_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:5580_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:asa_5500::::::::
	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_7600::::::::

History

No history.

Information

Published : 2010-02-19 17:30

Updated : 2017-08-17 01:31

NVD link : CVE-2010-0151

Mitre link : CVE-2010-0151

CVE.ORG link : CVE-2010-0151

JSON object : View

Products Affected

cisco

5510_series_adaptive_security_appliance
firewall_services_module
catalyst_7600
5520_series_adaptive_security_appliance
5580_series_adaptive_security_appliance
5500_series_adaptive_security_appliance
5505_series_adaptive_security_appliance
5540_series_adaptive_security_appliance
catalyst_6500
5550_series_adaptive_security_appliance
asa_5500

CWE

NVD-CWE-Other

{"id": "CVE-2010-0151", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-02-19T17:30:00.787", "references": [{"url": "http://osvdb.org/62432", "source": "ykramarz@cisco.com"}, {"url": "http://secunia.com/advisories/38621", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml", "tags": ["Patch", "Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/38274", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id?1023609", "source": "ykramarz@cisco.com"}, {"url": "http://www.vupen.com/english/advisories/2010/0418", "source": "ykramarz@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56333", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 switches, Cisco 7600 routers, and ASA 5500 Adaptive Security Appliances, allows remote attackers to cause a denial of service (crash) via a malformed Skinny Client Control Protocol (SCCP) message."}, {"lang": "es", "value": "El Cisco Firewall Services Module (FWSM) v4.0 anterior a v4.0(8), que se utiliza en los switches Cisco Catalyst 6500, routers Cisco 7600 y ASA 5500 Adaptive Security Appliances, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (cuelgue) a trav\u00e9s de mensajes malformados del Skinny Client Control Protocol (SCCP)."}], "lastModified": "2017-08-17T01:31:53.633", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "26535762-EE50-4C4F-831E-A0ABFF4ADAF0"}, {"criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(4\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ADDB8F07-38B4-498D-9455-9414B69A0626"}, {"criteria": "cpe:2.3:h:cisco:firewall_services_module:4.0\\(6\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5113E779-7205-4761-9B5D-E6B254F48F49"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301"}, {"criteria": "cpe:2.3:h:cisco:5505_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "DE68D7A3-E7A5-4739-8808-2B5FB61F9CED"}, {"criteria": "cpe:2.3:h:cisco:5510_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "38121FAF-1F69-415A-A62D-DBEE90729F01"}, {"criteria": "cpe:2.3:h:cisco:5520_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D94FFC7A-43F7-4292-864B-56CC978375AF"}, {"criteria": "cpe:2.3:h:cisco:5540_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "9BC7F46C-AADA-4D82-AA3C-28563A41FCCB"}, {"criteria": "cpe:2.3:h:cisco:5550_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1A592194-AF27-493F-8200-DFB8EAB6BCE8"}, {"criteria": "cpe:2.3:h:cisco:5580_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C1952453-31B6-4FDD-955B-C46C065EB81B"}, {"criteria": "cpe:2.3:h:cisco:asa_5500:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6FCBA3A3-7C8F-481A-9BEC-78981547F8BE"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589"}, {"criteria": "cpe:2.3:h:cisco:catalyst_7600:*:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C8D63186-5834-448C-98F2-0C189A11D25D"}], "operator": "OR"}], "operator": "AND"}], "evaluatorImpact": "Per: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910e.shtml\r\n\r\n\"All non-fixed 4.x versions of Cisco FWSM Software are affected by this vulnerability if SCCP inspection is enabled. SCCP inspection is enabled by default.\"", "sourceIdentifier": "ykramarz@cisco.com"}

7.8 /10