Improper input validation in Cisco Adaptive_security_appliance_software

CVE-2013-5508

The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5.44), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.6…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.004 (63.8th percentile) — read the EPSS interpretation.

Affected products

Cisco Adaptive_security_appliance_software — versions 7.0, 7.0\(0\), 7.0\(1\)
Cisco Firewall_services_module_software — versions 4.1\(1\), 4.1\(2\), 4.1\(3\)
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

20131213 SQL*Net Inspection Engine Denial of Service Vulnerability (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
20131009 Multiple Vulnerabilities in Cisco Firewall Services Module Software (x_refsource_CISCO, vendor-advisory, Vendor Advisory)
20131009 Multiple Vulnerabilities in Cisco ASA Software (x_refsource_CISCO, vendor-advisory, Vendor Advisory)