var-201504-0293
Vulnerability from variot
The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954. Successful exploits may allow attackers to cause the reload of the affected system, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCus11007 and CSCun56954
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201504-0293",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.3.2-1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.3.1-1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.2.1-4"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.2.1-3"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.2.1-2"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.2.1-1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.1.3-8"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.1.3-13"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.1.3-10"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.9,
"vendor": "cisco",
"version": "9.1.2-42"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "9.0.2"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "9.0.1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "9.1.2-29"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "9.0.2-68"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.3,
"vendor": "cisco",
"version": "9.0.1-40"
},
{
"model": "asa with firepower services",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3.1.1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3\\(1.1.112\\)"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.3_base"
},
{
"model": "asa with firepower services",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.4.0"
},
{
"model": "asa with firepower services",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "5.3.1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 1.0,
"vendor": "cisco",
"version": "9.0_base"
},
{
"model": "asa with firepower services",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco",
"version": "5.4.0.1"
},
{
"model": "asa with firepower services",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "5.4.x"
},
{
"model": "asa firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.4"
},
{
"model": "asa firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.1"
},
{
"model": "asa firepower services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.1.1"
},
{
"model": "asa cx context-aware security software",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3(1.1.112)"
},
{
"model": "asa firepower services",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "5.3.1.2"
},
{
"model": "asa cx context-aware security software",
"scope": "ne",
"trust": 0.3,
"vendor": "cisco",
"version": "9.3.2.1-9"
}
],
"sources": [
{
"db": "BID",
"id": "73968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:asa_cx_context-aware_security_software",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:cisco:asa_with_firepower_services",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco",
"sources": [
{
"db": "BID",
"id": "73968"
}
],
"trust": 0.3
},
"cve": "CVE-2015-0678",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2015-0678",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-78624",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2015-0678",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2015-0678",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201504-187",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-78624",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78624"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The virtualization layer in Cisco ASA FirePOWER Software before 5.3.1.2 and 5.4.x before 5.4.0.1 and ASA Context-Aware (CX) Software before 9.3.2.1-9 allows remote attackers to cause a denial of service (device reload) by rapidly sending crafted packets to the management interface, aka Bug IDs CSCus11007 and CSCun56954. \nSuccessful exploits may allow attackers to cause the reload of the affected system, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug IDs CSCus11007 and CSCun56954",
"sources": [
{
"db": "NVD",
"id": "CVE-2015-0678"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "BID",
"id": "73968"
},
{
"db": "VULHUB",
"id": "VHN-78624"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2015-0678",
"trust": 2.8
},
{
"db": "SECTRACK",
"id": "1032046",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201504-187",
"trust": 0.7
},
{
"db": "BID",
"id": "73968",
"trust": 0.4
},
{
"db": "VULHUB",
"id": "VHN-78624",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78624"
},
{
"db": "BID",
"id": "73968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"id": "VAR-201504-0293",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-78624"
}
],
"trust": 0.6714285999999999
},
"last_update_date": "2024-11-23T22:18:24.609000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20150408-cxfp",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-cxfp"
},
{
"title": "38186",
"trust": 0.8,
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38186"
},
{
"title": "cisco-sa-20150408-cxfp",
"trust": 0.8,
"url": "http://www.cisco.com/cisco/web/support/JP/112/1128/1128964_cisco-sa-20150408-cxfp-j.html"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78624"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20150408-cxfp"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1032046"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-0678"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2015-0678"
},
{
"trust": 0.3,
"url": "http://www.cisco.com/"
},
{
"trust": 0.3,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=38186"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-78624"
},
{
"db": "BID",
"id": "73968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-78624"
},
{
"db": "BID",
"id": "73968"
},
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-04-11T00:00:00",
"db": "VULHUB",
"id": "VHN-78624"
},
{
"date": "2015-04-08T00:00:00",
"db": "BID",
"id": "73968"
},
{
"date": "2015-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"date": "2015-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"date": "2015-04-11T01:59:00.087000",
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-10-01T00:00:00",
"db": "VULHUB",
"id": "VHN-78624"
},
{
"date": "2015-04-08T00:00:00",
"db": "BID",
"id": "73968"
},
{
"date": "2015-04-15T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2015-002211"
},
{
"date": "2015-04-14T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201504-187"
},
{
"date": "2024-11-21T02:23:31.367000",
"db": "NVD",
"id": "CVE-2015-0678"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco ASA FirePOWER Software and ASA Context-Aware Service disruption in the software virtualization layer (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2015-002211"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201504-187"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.