CVE-2013-1150

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliances (ASA) devices with software versions prior to 7.2(5.10) Cisco Adaptive Security Appliances (ASA) devices with software versions 8.0 prior to 8.0(5.31) Cisco Adaptive Security Appliances (ASA) devices with software versions 8.1 and 8.2 prior to 8.2(5.38) Cisco Adaptive Security Appliances (ASA) devices with software versions 8.3 prior to 8.3(2.37) Cisco Adaptive Security Appliances (ASA) devices with software versions 8.4 prior to 8.4(5.3) Cisco Adaptive Security Appliances (ASA) devices with software versions 8.5 and 8.6 prior to 8.6(1.10) Cisco Adaptive Security Appliances (ASA) devices with software versions 8.7 prior to 8.7(1.4) Cisco Adaptive Security Appliances (ASA) devices with software versions 9.0 prior to 9.0(1.1) Cisco Adaptive Security Appliances (ASA) devices with software versions 9.1 prior to 9.1(1.2)

Description The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (device reload) via a crafted URL.

Recommendations For versions prior to 7.2(5.10), update to version 7.2(5.10) or later. For versions 8.0 prior to 8.0(5.31), update to version 8.0(5.31) or later. For versions 8.1 and 8.2 prior to 8.2(5.38), update to version 8.2(5.38) or later. For versions 8.3 prior to 8.3(2.37), update to version 8.3(2.37) or later. For versions 8.4 prior to 8.4(5.3), update to version 8.4(5.3) or later. For versions 8.5 and 8.6 prior to 8.6(1.10), update to version 8.6(1.10) or later. For versions 8.7 prior to 8.7(1.4), update to version 8.7(1.4) or later. For versions 9.0 prior to 9.0(1.1), update to version 9.0(1.1) or later. For versions 9.1 prior to 9.1(1.2), update to version 9.1(1.2) or later.