NVD

Id
39219  
Name
CVE-2013-3415  
Description
Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine"s IP address, aka Bug ID CSCtt36737.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-01-18  
Published
2013-10-13  
Modified Date
2016-11-01  
Seq
2013-3415  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
200405 39219 CVE-2013-3415 20131009 Multiple Vulnerabilities in Cisco ASA Software  View
200406 39219 CVE-2013-3415 20131213 AnyConnect SSL VPN Memory Exhaustion Denial of Service Vulnerability  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23065 JVNDB-2013-004640 Cisco Adaptive Security Appliance ソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 Cisco Adaptive Security Appliance (ASA) ソフトウェアは、AnyConnect SSL VPN クライアントの切断時に適切にメモリを管理しないため、サービス運用妨害 (メモリ消費、および転送の停止、またはシステムハング) 状態にされる脆弱性が存在します。 CVE-2013-3415 63357 CVE-2013-3415 39219 7.8 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004640.html 2013-10-09 2014-01-09 View