Auth bypass in Cisco Firewall_services_module_software

CVE-2013-1155

The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted U…

Vulnerability class: Broken Authentication

EPSS: 0.004 (60.6th percentile) — read the EPSS interpretation.

Affected products

Cisco Firewall_services_module_software — versions 3.1, 3.2, 3.2\(1\)
N/a — versions n/a

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

20130410 Multiple Vulnerabilities in Cisco Firewall Services Module Software (x_refsource_CISCO, vendor-advisory, Vendor Advisory)