Vulnerability Description
Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading to improper handling of hash lookups for secondary flows, aka Bug IDs CSCue31622 and CSCuc71272.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | 5500 Adaptive Security Appliance | 7.2 |
| Cisco | 5500 Series Adaptive Security Appliance | All versions |
| Cisco | Adaptive Security Appliance | All versions |
Related Weaknesses (CWE)
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415Vendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-5415Vendor Advisory
FAQ
What is CVE-2012-5415?
CVE-2012-5415 is a vulnerability with a CVSS score of 5.4 (MEDIUM). Race condition on Cisco Adaptive Security Appliances (ASA) devices allows remote attackers to cause a denial of service (CPU consumption or device reload) by establishing multiple connections, leading...
How severe is CVE-2012-5415?
CVE-2012-5415 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5415?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco 5500 Adaptive Security Appliance, Cisco 5500 Series Adaptive Security Appliance, Cisco Adaptive Security Appliance.