Vulnerability Description
Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank response page) by using the clientless WebVPN feature, aka Bug ID CSCth34278.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | 5500 Series Adaptive Security Appliance | All versions |
| Cisco | Adaptive Security Appliance Software | 8.2 |
Related Weaknesses (CWE)
References
- http://www.cisco.com/web/software/280775065/45357/ASA-825-Interim-Release-Notes.Vendor Advisory
- http://www.cisco.com/web/software/280775065/45357/ASA-825-Interim-Release-Notes.Vendor Advisory
FAQ
What is CVE-2012-2474?
CVE-2012-2474 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2 through 8.4 allows remote authenticated users to cause a denial of service (memory consumption and blank r...
How severe is CVE-2012-2474?
CVE-2012-2474 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2474?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco 5500 Series Adaptive Security Appliance, Cisco Adaptive Security Appliance Software.