CVE-2013-5510

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software versions 7.x through 7.2(5.11) Cisco Adaptive Security Appliance (ASA) Software versions 8.x through 8.2(5.45) Cisco Adaptive Security Appliance (ASA) Software versions 8.3.x through 8.3(2.38) Cisco Adaptive Security Appliance (ASA) Software versions 8.4.x through 8.4(5) Cisco Adaptive Security Appliance (ASA) Software versions 8.6.x through 8.6(1.11) Cisco Adaptive Security Appliance (ASA) Software versions 9.0.x through 9.0(3.0) Cisco Adaptive Security Appliance (ASA) Software versions 9.1.x through 9.1(2.4)

Description The remote-access VPN implementation in Cisco Adaptive Security Appliance (ASA) Software does not properly parse AAA LDAP responses when the override-account-disable option is enabled, allowing remote attackers to bypass authentication via a VPN connection attempt.

Recommendations For versions 7.x through 7.2(5.11), update to version 7.2(5.12) or later. For versions 8.x through 8.2(5.45), update to version 8.2(5.46) or later. For versions 8.3.x through 8.3(2.38), update to version 8.3(2.39) or later. For versions 8.4.x through 8.4(5), update to version 8.4(6) or later. For versions 8.6.x through 8.6(1.11), update to version 8.6(1.12) or later. For versions 9.0.x through 9.0(3.0), update to version 9.0(3.1) or later. For versions 9.1.x through 9.1(2.4), update to version 9.1(2.5) or later.