CVE-2012-0353

The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:C

Exploitability : 8.6 / Impact : 6.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/80043
http://secunia.com/advisories/48423
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa	Vendor Advisory
http://www.securityfocus.com/bid/52484
http://www.securitytracker.com/id?1026800
https://exchange.xforce.ibmcloud.com/vulnerabilities/74029

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\(2\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\(3\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\(4\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\(5\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(1\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(2\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(3.9\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.1\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(4.4\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\(5\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\(1\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\(2\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(1\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(1.11\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\(2\):::::::*
	cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:::::::*

OR	cpe:2.3:h:cisco:5500_series_adaptive_security_appliance::::::::
	cpe:2.3:h:cisco:catalyst_6500::::::::
	cpe:2.3:h:cisco:catalyst_6503-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6504-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6506-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-neb-a:-:::::::*
	cpe:2.3:h:cisco:catalyst_6509-v-e:-:::::::*
	cpe:2.3:h:cisco:catalyst_6513:-:::::::*
	cpe:2.3:h:cisco:catalyst_6513-e:-:::::::*

History

No history.

Information

Published : 2012-03-15 00:55

Updated : 2023-08-15 14:41

NVD link : CVE-2012-0353

Mitre link : CVE-2012-0353

CVE.ORG link : CVE-2012-0353

JSON object : View

Products Affected

cisco

catalyst_6504-e
catalyst_6509-v-e
catalyst_6513
catalyst_6509-neb-a
catalyst_6509-e
catalyst_6506-e
catalyst_6503-e
5500_series_adaptive_security_appliance
catalyst_6500
adaptive_security_appliance_software
catalyst_6513-e

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2012-0353", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-03-15T00:55:00.850", "references": [{"url": "http://osvdb.org/80043", "source": "ykramarz@cisco.com"}, {"url": "http://secunia.com/advisories/48423", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asa", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://www.securityfocus.com/bid/52484", "source": "ykramarz@cisco.com"}, {"url": "http://www.securitytracker.com/id?1026800", "source": "ykramarz@cisco.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74029", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The UDP inspection engine on Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 8.0 before 8.0(5.25), 8.1 before 8.1(2.50), 8.2 before 8.2(5.5), 8.3 before 8.3(2.22), 8.4 before 8.4(2.1), and 8.5 before 8.5(1.2) does not properly handle flows, which allows remote attackers to cause a denial of service (device reload) via a crafted series of (1) IPv4 or (2) IPv6 UDP packets, aka Bug ID CSCtq10441."}, {"lang": "es", "value": "El motor de inspecci\u00f3n UDP de dispositivos de la serie Cisco Adaptive Security Appliances (ASA) 5500, y el ASA Services Module (ASASM) en dispositivos Cisco Catalyst 6500, con el software v8.0 a v8.2 antes de v8.2 (5.20), v8.3 antes de v8.3 (2.29), v8.4 antes de v8.4 (3), v8.5 antes de v8.5 (1.6), y v8.6 antes de v8.6 (1.1) permite a atacantes remotos causar una denegaci\u00f3n de servicio (recarga de dispositivo) a trav\u00e9s de paquetes UDP (1) IPv4 o (2) IPv6 manipulados, tambi\u00e9n conocido como Bug ID CSCtq10441."}], "lastModified": "2023-08-15T14:41:35.310", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AFE6E41-E5C3-48AA-A534-A1AF3E86E3F0"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "788C1177-EA1F-4C89-B4D2-C3939C45472C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(3\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31E7CB8A-17DF-43EB-9BCB-F2E5293C949F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(4\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AAFE1219-5B88-4A41-B1FA-0E3BA9FDA14A"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0\\(5\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04B97D0B-974E-48E7-A5F1-AB572ACB7829"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "656D49C2-4F2E-4369-8933-FF74A3CD51EF"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C68E73D6-A207-4276-A972-52B859CD958A"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F44B4A87-D033-4C3F-B1F8-BC40E2CCDC54"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E406214-2776-42C2-B777-92E6420FBFBF"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2185ED62-166C-4F43-ACA2-C1EF43C48D47"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73BA05D1-78A7-4F90-9448-3F2011EE3EF3"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2C6ABC8-767A-4B7D-A286-F9C6DF61AC6A"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33F24697-0124-4326-8499-29931D57D246"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(3.9\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7236893-3EE9-4DBE-8A75-5294FD82E922"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97E5BC7E-399F-4FD2-8024-2F4F621BC577"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "22E1D918-A52E-4892-9D0D-EE3E21853BD2"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(4.4\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "333BCB8C-5B17-4EF7-9BFF-0F6B038BE38F"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2\\(5\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA8018B5-4392-4D14-A017-80D325FBCB2C"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F2C8AFA-A4B6-44A2-B00C-1950997493C0"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "465313C5-BFB9-458A-8150-8F7BA1F8C386"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.2:interim:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9C808D46-C846-4C53-A713-150C3FED3FAB"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C15D1F6-997D-47FD-A654-AEF3332E6105"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "31BA0ED9-6962-4E19-89A1-1724AADEC669"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6A994D8-FAC3-41FD-AC1B-DA5D737A1E8D"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5990B883-0B5A-44F0-B4DC-8031ED0F2026"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.1:interim:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5A002AD-3EB0-43CB-AFAF-4A44DAF11007"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7F417BC-5835-4F29-8DB6-03A62B7B2364"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A914DE5-2269-451A-823A-B26AE1A7F980"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "69683734-528F-488A-8A90-8478FA27B97E"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(1.11\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95EC2D6C-84BA-4A58-B4A0-6FF8613AF9C0"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4\\(2\\):*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "691166C2-1FBD-46EB-8AA5-FCE303444ACD"}, {"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "310B4795-4BC3-4F47-8F54-C513ECC2C9F9"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:5500_series_adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CB79D96-75EA-4B4F-99A7-9AB4158B7301"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6500:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99DE48DF-A309-4A1C-B977-AE81B4EDB589"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F202892E-2E58-4D77-B983-38AFA51CDBC6"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F57DF3E-4069-4EF0-917E-84CDDFCEBEEF"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0BE25114-ABBC-47A0-9C20-E8D40D721313"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FADD5F49-2817-40EC-861C-C922825708BD"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6509-neb-a:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E628F9C4-98C6-4A95-AF81-F1E6A56E8648"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4AFF899C-1EB3-46D8-9003-EA36A68C90B3"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6513:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6463491-F63E-44CB-A1D4-C029BE7D3D3D"}, {"criteria": "cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8668D34-096B-4FC3-B9B1-0ECFD6265778"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}

7.1 /10