CVE Vulnerabilities

CVE-2013-1155

Improper Authentication

Published: Apr 11, 2013 | Modified: Apr 15, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Firewall_services_module_software Cisco 3.2(8) 3.2(8)
Firewall_services_module_software Cisco 3.2(6) 3.2(6)
Firewall_services_module_software Cisco 3.1 3.1
Firewall_services_module_software Cisco 4.0(4) 4.0(4)
Firewall_services_module_software Cisco 4.0(15) 4.0(15)
Firewall_services_module_software Cisco 3.2(13) 3.2(13)
Firewall_services_module_software Cisco 4.0(2) 4.0(2)
Firewall_services_module_software Cisco 3.2(4) 3.2(4)
Firewall_services_module_software Cisco 4.0(10) 4.0(10)
Firewall_services_module_software Cisco 4.0(1) 4.0(1)
Firewall_services_module_software Cisco 3.2(20) 3.2(20)
Firewall_services_module_software Cisco 3.2(2) 3.2(2)
Firewall_services_module_software Cisco 4.0(5) 4.0(5)
Firewall_services_module_software Cisco 4.1(1) 4.1(1)
Firewall_services_module_software Cisco 4.0(12) 4.0(12)
Firewall_services_module_software Cisco 4.1(2) 4.1(2)
Firewall_services_module_software Cisco 4.1(3) 4.1(3)
Firewall_services_module_software Cisco 3.2(9) 3.2(9)
Firewall_services_module_software Cisco 3.2(7) 3.2(7)
Firewall_services_module_software Cisco 4.0(11) 4.0(11)
Firewall_services_module_software Cisco 3.2(1) 3.2(1)
Firewall_services_module_software Cisco 4.0 4.0
Firewall_services_module_software Cisco 3.2(15) 3.2(15)
Firewall_services_module_software Cisco 3.2(12) 3.2(12)
Firewall_services_module_software Cisco 3.2(5) 3.2(5)
Firewall_services_module_software Cisco 4.0(3) 4.0(3)
Firewall_services_module_software Cisco 3.2(17) 3.2(17)
Firewall_services_module_software Cisco 4.0(13) 4.0(13)
Firewall_services_module_software Cisco 3.2(16) 3.2(16)
Firewall_services_module_software Cisco 4.0(6) 4.0(6)
Firewall_services_module_software Cisco 3.2(19) 3.2(19)
Firewall_services_module_software Cisco 3.2(18) 3.2(18)
Firewall_services_module_software Cisco 4.0(8) 4.0(8)
Firewall_services_module_software Cisco 3.2(11) 3.2(11)
Firewall_services_module_software Cisco 4.0(7) 4.0(7)
Firewall_services_module_software Cisco 4.1(5) 4.1(5)
Firewall_services_module_software Cisco 4.1(4) 4.1(4)
Firewall_services_module_software Cisco 3.2(10) 3.2(10)
Firewall_services_module_software Cisco 4.1 4.1
Firewall_services_module_software Cisco 4.0(14) 4.0(14)
Firewall_services_module_software Cisco 3.2 3.2
Firewall_services_module_software Cisco 3.2(14) 3.2(14)
Firewall_services_module_software Cisco 3.2(3) 3.2(3)

Potential Mitigations

References