Vulnerability Name: CVE-2013-5513 (CCN-87778) Assigned: 2013-10-09 Published: 2013-10-09 Updated: 2016-11-01 Summary: Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(7), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.3), and 9.1.x before 9.1(1.8), when the DNS ALPI engine is enabled for TCP, allows remote attackers to cause a denial of service (device reload) via crafted TCP DNS packets, aka Bug ID CSCug03975. CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): ChangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
CVSS v2 Severity: 7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C 5.3 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
9.3 High (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C 6.9 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
Vulnerability Type: CWE-119 Vulnerability Consequences: Denial of Service References: Source: MITRECVE-2013-5513 Multiple Vulnerabilities in Cisco ASA Software 20131009 Multiple Vulnerabilities in Cisco ASA Software 20131213 DNS Inspection Denial of Service Vulnerability Cisco Adaptive Security Appliance (ASA) DNS Application Layer Protocol Inspection (ALPI) Engine Unsupported Packet Handling Remote DoS Cisco Adaptive Security Appliance CVE-2013-5513 Denial of Service Vulnerability cisco-asa-cve20135513-dps(87778) Vulnerable Configuration: Configuration 1 :cpe:/a:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(1):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(2):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(3):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(3.9):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(4):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(4.1):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(4.4):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(5):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(5.35):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.2(5.38):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.3(1):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.3(2):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(1):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(1.11):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(2):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(2.11):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(3):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(4.11):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.4(5):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.5(1):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.5(1.17):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.6(1):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.6(1.10):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:8.7(1.3):*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:9.0:*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:9.1:*:*:*:*:*:*:* OR cpe:/a:cisco:adaptive_security_appliance_software:9.1(1.7):*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:cisco:adaptive_security_appliance:-:*:*:*:*:*:*:* BACK
cisco adaptive security appliance software 8.2
cisco adaptive security appliance software 8.2(1)
cisco adaptive security appliance software 8.2(2)
cisco adaptive security appliance software 8.2(3)
cisco adaptive security appliance software 8.2(3.9)
cisco adaptive security appliance software 8.2(4)
cisco adaptive security appliance software 8.2(4.1)
cisco adaptive security appliance software 8.2(4.4)
cisco adaptive security appliance software 8.2(5)
cisco adaptive security appliance software 8.2(5.35)
cisco adaptive security appliance software 8.2(5.38)
cisco adaptive security appliance software 8.3(1)
cisco adaptive security appliance software 8.3(2)
cisco adaptive security appliance software 8.4
cisco adaptive security appliance software 8.4(1)
cisco adaptive security appliance software 8.4(1.11)
cisco adaptive security appliance software 8.4(2)
cisco adaptive security appliance software 8.4(2.11)
cisco adaptive security appliance software 8.4(3)
cisco adaptive security appliance software 8.4(4.11)
cisco adaptive security appliance software 8.4(5)
cisco adaptive security appliance software 8.5
cisco adaptive security appliance software 8.5(1)
cisco adaptive security appliance software 8.5(1.17)
cisco adaptive security appliance software 8.6
cisco adaptive security appliance software 8.6(1)
cisco adaptive security appliance software 8.6(1.10)
cisco adaptive security appliance software 8.7(1.3)
cisco adaptive security appliance software 9.0
cisco adaptive security appliance software 9.1
cisco adaptive security appliance software 9.1(1.7)
cisco adaptive security appliance -
Denotes that component is vulnerable