What is CVE-2013-0149?

CVE-2013-0149 is a vulnerability in Cisco Asa_5500. Published 2013-08-05.

Is CVE-2013-0149 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Cisco Asa_5500

CVE-2013-0149

The OSPF implementation in Cisco IOS 12.0 through 12.4 and 15.0 through 15.3, IOS-XE 2.x through 3.9.xS, ASA and PIX 7.x through 9.1, FWSM, NX-OS, and StarOS before 14.0.50488 does not properly validate Link State Advertisement (LSA) type…

EPSS: 0.008 (74.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Asa_5500 — versions 7.0, 7.1, 7.2
Cisco Fwsm
Cisco Ios — versions 12.0, 12.0\(1\), 12.0\(1\)s
Cisco Ios_xe — versions 2.1.0, 2.1.1, 2.1.2
Cisco Nx-os
Cisco Pix_firewall_software — versions 7.0, 7.1, 7.2
Cisco Staros — versions 14.0
N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

20130801 OSPF LSA Manipulation Vulnerability in Multiple Cisco Products (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
VU#229804 (x_refsource_CERT-VN, US Government Resource, third-party-advisory)

Frequently asked questions

What is CVE-2013-0149?: CVE-2013-0149 is a vulnerability in Cisco Asa_5500. Published 2013-08-05.
Is CVE-2013-0149 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.