PT-2013-5593 · Cisco · Cisco Asa
Published
2013-10-09
·
Updated
2023-08-15
·
CVE-2013-5509
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco Adaptive Security Appliance (ASA) Software versions 9.0 before 9.0(2.6)
Cisco Adaptive Security Appliance (ASA) Software versions 9.1 before 9.1(2)
Description
The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to bypass authentication and obtain VPN access or administrative access via a crafted X.509 client certificate.
Recommendations
For Cisco Adaptive Security Appliance (ASA) Software versions 9.0 before 9.0(2.6), update to version 9.0(2.6) or later.
For Cisco Adaptive Security Appliance (ASA) Software versions 9.1 before 9.1(2), update to version 9.1(2) or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cisco Asa