Vulnslist

Cisco vulnerabilities by product, model, software, and advisory.

Multiple Vulnerabilities in Cisco Firewall Services Module Software

cisco-sa-20131009-fwsm · High · Published · Updated

Cisco Firewall Services Module (FWSM) Software for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers is affected by the following vulnerabilities: Cisco FWSM Command Authorization Vulnerability SQL*Net Inspection Engine Denial of Service Vulnerability These vulnerabilities are independent of each other; a release that is affected by one of the vulnerabilities may not be affected by the other. Successful exploitation of the Cisco FWSM Command Authorization Vulnerability may result in a complete compromise of the confidentiality, integrity and availability of the affected system. Successful exploitation of the SQL*Net Inspection Engine Denial of Service Vulnerability may result in a reload of an affected device, leading to a denial of service (DoS) condition. Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-fwsm Note: The Cisco Adaptive Security Appliance (ASA) may be affected by the SQL*Net Inspection Engine Denial of Service Vulnerability. A separate Cisco Security Advisory has been published to disclose the vulnerabilities that affect the Cisco ASA. That advisory is available at: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa

Cisco advisory · CSAF JSON

Workarounds

There is no workaround that mitigates the Cisco FWSM Command Authorization Vulnerability.

Disabling SQL*Net inspection will mitigate the SQL*Net Inspection Engine Denial of Service Vulnerability. The following commands will disable the default SQL*Net inspection configuration:

ciscofwsm(config)# policy-map global_policy
ciscofwsm(config-pmap)# class inspection_default ciscofwsm(config-pmap-c)# no inspect sqlnet

CVEsCVE-2013-5506, CVE-2013-5508
Cisco Bug IDsCSCub98434, CSCue46080, CSCui34914
CVSS ScoreBase 6.8
Base 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C/E:F/RL:OF/RC:C
Base 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C/E:F/RL:OF/RC:C
Product Names From Source
Cisco Firewall Services Module (FWSM), Cisco Adaptive Security Appliance (ASA) Software 7.0.1, Cisco Adaptive Security Appliance (ASA) Software 7.0.1.4, Cisco Adaptive Security Appliance (ASA) Software 7.0.4, Cisco Adaptive Security Appliance (ASA) Software 7.0.4.2, Cisco Adaptive Security Appliance (ASA) Software 7.0.2, Cisco Adaptive Security Appliance (ASA) Software 7.0.3, Cisco Adaptive Security Appliance (ASA) Software 7.0.7.1, Cisco Adaptive Security Appliance (ASA) Software 7.0.8, Cisco Adaptive Security Appliance (ASA) Software 7.0.7, Cisco Adaptive Security Appliance (ASA) Software 7.0.6, Cisco Adaptive Security Appliance (ASA) Software 7.0.5, Cisco Adaptive Security Appliance (ASA) Software 7.0.5.12, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.4, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.8, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.18, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.22, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.26, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.29, Cisco Adaptive Security Appliance (ASA) Software 7.0.6.32, Cisco Adaptive Security Appliance (ASA) Software 7.0.7.4, Cisco Adaptive Security Appliance (ASA) Software 7.0.7.9, Cisco Adaptive Security Appliance (ASA) Software 7.0.7.12, Cisco Adaptive Security Appliance (ASA) Software 7.0.8.2, Cisco Adaptive Security Appliance (ASA) Software 7.0.8.8, Cisco Adaptive Security Appliance (ASA) Software 7.0.8.12, Cisco Adaptive Security Appliance (ASA) Software 7.0.8.13, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.61, Cisco Adaptive Security Appliance (ASA) Software 7.1.2, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.81, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.64, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.72, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.16, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.20, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.24, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.28, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.38, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.42, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.46, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.49, Cisco Adaptive Security Appliance (ASA) Software 7.1.2.53, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.34, Cisco Adaptive Security Appliance (ASA) Software 7.2.3.1, Cisco Adaptive Security Appliance (ASA) Software 7.2.2, Cisco Adaptive Security Appliance (ASA) Software 7.2.4, Cisco Adaptive Security Appliance (ASA) Software 7.2.3, Cisco Adaptive Security Appliance (ASA) Software 7.2.1, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.27, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.30, Cisco Adaptive Security Appliance (ASA) Software 7.2.5, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.33, Cisco Adaptive Security Appliance (ASA) Software 7.2.1.9, Cisco Adaptive Security Appliance (ASA) Software 7.2.1.13, Cisco Adaptive Security Appliance (ASA) Software 7.2.1.19, Cisco Adaptive Security Appliance (ASA) Software 7.2.1.24, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.6, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.10, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.14, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.18, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.19, Cisco Adaptive Security Appliance (ASA) Software 7.2.2.22, Cisco Adaptive Security Appliance (ASA) Software 7.2.3.12, Cisco Adaptive Security Appliance (ASA) Software 7.2.3.16, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.6, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.9, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.18, Cisco Adaptive Security Appliance (ASA) Software 7.2.4.25, Cisco Adaptive Security Appliance (ASA) Software 7.2.5.2, Cisco Adaptive Security Appliance (ASA) Software 7.2.5.4, Cisco Adaptive Security Appliance (ASA) Software 7.2.5.7, Cisco Adaptive Security Appliance (ASA) Software 7.2.5.8, Cisco Adaptive Security Appliance (ASA) Software 7.2.5.10, Cisco Adaptive Security Appliance (ASA) Software 8.0.2.11, Cisco Adaptive Security Appliance (ASA) Software 8.0.4, Cisco Adaptive Security Appliance (ASA) Software 8.0.3, Cisco Adaptive Security Appliance (ASA) Software 8.0.2, Cisco Adaptive Security Appliance (ASA) Software 8.0.1.2, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.25, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.28, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.33, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.32, Cisco Adaptive Security Appliance (ASA) Software 8.0.5, Cisco Adaptive Security Appliance (ASA) Software 8.0.2.15, Cisco Adaptive Security Appliance (ASA) Software 8.0.3.6, Cisco Adaptive Security Appliance (ASA) Software 8.0.3.12, Cisco Adaptive Security Appliance (ASA) Software 8.0.3.19, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.3, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.9, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.16, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.23, Cisco Adaptive Security Appliance (ASA) Software 8.0.4.31, Cisco Adaptive Security Appliance (ASA) Software 8.0.5.20, Cisco Adaptive Security Appliance (ASA) Software 8.0.5.23, Cisco Adaptive Security Appliance (ASA) Software 8.0.5.25, Cisco Adaptive Security Appliance (ASA) Software 8.0.5.27, Cisco Adaptive Security Appliance (ASA) Software 8.0.5.28, Cisco Adaptive Security Appliance (ASA) Software 8.0.5.31, Cisco Adaptive Security Appliance (ASA) Software 8.2.0.45, Cisco Adaptive Security Appliance (ASA) Software 8.2.1, Cisco Adaptive Security Appliance (ASA) Software 8.2.2, Cisco Adaptive Security Appliance (ASA) Software 8.2.2.10, Cisco Adaptive Security Appliance (ASA) Software 8.2.3, Cisco Adaptive Security Appliance (ASA) Software 8.2.4, Cisco Adaptive Security Appliance (ASA) Software 8.2.1.11, Cisco Adaptive Security Appliance (ASA) Software 8.2.2.9, Cisco Adaptive Security Appliance (ASA) Software 8.2.2.12, Cisco Adaptive Security Appliance (ASA) Software 8.2.2.16, Cisco Adaptive Security Appliance (ASA) Software 8.2.4.1, Cisco Adaptive Security Appliance (ASA) Software 8.2.4.4, Cisco Adaptive Security Appliance (ASA) Software 8.2.5, Cisco Adaptive Security Appliance (ASA) Software 8.2.5.13, Cisco Adaptive Security Appliance (ASA) Software 8.2.5.22, Cisco Adaptive Security Appliance (ASA) Software 8.2.5.26, Cisco Adaptive Security Appliance (ASA) Software 8.2.2.17, Cisco Adaptive Security Appliance (ASA) Software 8.2.5.33, Cisco Adaptive Security Appliance (ASA) Software 8.2.5.40, Cisco Adaptive Security Appliance (ASA) Software 8.2.5.41, Cisco Adaptive Security Appliance (ASA) Software 8.1.1, Cisco Adaptive Security Appliance (ASA) Software 8.1.2, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.15, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.16, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.19, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.23, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.24, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.50, Cisco Adaptive Security Appliance (ASA) Software 8.1.1.6, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.13, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.49, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.55, Cisco Adaptive Security Appliance (ASA) Software 8.1.2.56, Cisco Adaptive Security Appliance (ASA) Software 8.3.1.1, Cisco Adaptive Security Appliance (ASA) Software 8.3.1, Cisco Adaptive Security Appliance (ASA) Software 8.3.2, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.23, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.25, Cisco Adaptive Security Appliance (ASA) Software 8.3.1.4, Cisco Adaptive Security Appliance (ASA) Software 8.3.1.6, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.4, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.13, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.31, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.33, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.34, Cisco Adaptive Security Appliance (ASA) Software 8.3.2.37, Cisco Adaptive Security Appliance (ASA) Software 8.4.1, Cisco Adaptive Security Appliance (ASA) Software 8.4.2, Cisco Adaptive Security Appliance (ASA) Software 8.4.1.3, Cisco Adaptive Security Appliance (ASA) Software 8.4.1.11, Cisco Adaptive Security Appliance (ASA) Software 8.4.2.8, Cisco Adaptive Security Appliance (ASA) Software 8.4.3, Cisco Adaptive Security Appliance (ASA) Software 8.4.3.8, Cisco Adaptive Security Appliance (ASA) Software 8.4.3.9, Cisco Adaptive Security Appliance (ASA) Software 8.4.4, Cisco Adaptive Security Appliance (ASA) Software 8.4.4.1, Cisco Adaptive Security Appliance (ASA) Software 8.4.4.3, Cisco Adaptive Security Appliance (ASA) Software 8.4.4.5, Cisco Adaptive Security Appliance (ASA) Software 8.4.4.9, Cisco Adaptive Security Appliance (ASA) Software 8.4.5, Cisco Adaptive Security Appliance (ASA) Software 8.4.5.6, Cisco Adaptive Security Appliance (ASA) Software 8.4.2.1, Cisco Adaptive Security Appliance (ASA) Software 8.5.1, Cisco Adaptive Security Appliance (ASA) Software 8.5.1.1, Cisco Adaptive Security Appliance (ASA) Software 8.5.1.6, Cisco Adaptive Security Appliance (ASA) Software 8.5.1.7, Cisco Adaptive Security Appliance (ASA) Software 8.5.1.14, Cisco Adaptive Security Appliance (ASA) Software 8.5.1.17, Cisco Adaptive Security Appliance (ASA) Software 8.6.1.1, Cisco Adaptive Security Appliance (ASA) Software 8.6.1, Cisco Adaptive Security Appliance (ASA) Software 8.6.1.2, Cisco Adaptive Security Appliance (ASA) Software 8.6.1.5, Cisco Adaptive Security Appliance (ASA) Software 8.6.1.10, Cisco Adaptive Security Appliance (ASA) Software 8.7.1, Cisco Adaptive Security Appliance (ASA) Software 8.7.1.1, Cisco Adaptive Security Appliance (ASA) Software 8.7.1.3, Cisco Adaptive Security Appliance (ASA) Software 8.7.1.4, Cisco Adaptive Security Appliance (ASA) Software 9.0.1, Cisco Adaptive Security Appliance (ASA) Software 9.0.2, Cisco Adaptive Security Appliance (ASA) Software 9.0.2.10, Cisco Adaptive Security Appliance (ASA) Software 9.0.3, Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6, Cisco Adaptive Security Appliance (ASA) Software 9.1.1, Cisco Adaptive Security Appliance (ASA) Software 9.1.1.4, Cisco Adaptive Security Appliance (ASA) Software 9.1.2, Cisco Adaptive Security Appliance (ASA) Software 9.1.3, Cisco Adaptive Security Appliance (ASA) Software 9.1.2.8, Cisco Adaptive Security Appliance (ASA) Software

Related Products

Product CVE Evidence
Cisco Firewall Services Module (FWSM) CVE-2013-5508 Cisco OpenVuln
Cisco Firewall Services Module (FWSM) CVE-2013-5506 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2013-5508 Cisco OpenVuln
Cisco Adaptive Security Appliance (ASA) Software CVE-2013-5506 Cisco OpenVuln