Auth bypass in Cisco Adaptive_security_appliance
CVE-2013-1150
The authentication-proxy implementation on Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.31), 8.1 and 8.2 before 8.2(5.38), 8.3 before 8.3(2.37), 8.4 before 8.4(5.3), 8.5 and 8.6 befo…
Vulnerability class: Broken Authentication
EPSS: 0.007 (72.3th percentile) — read the EPSS interpretation.
Affected products
- Cisco Adaptive_security_appliance
- Cisco Adaptive_security_appliance_software — versions 7.0, 7.0\(0\), 7.0\(1\)
- N/a — versions n/a
Weakness classification (CWE)
References
- 20130410 Multiple Vulnerabilities in Cisco ASA Software (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
- 20130410 Crafted URL Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)