Vulnerability Description
Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial of service (device crash) via unknown vectors, aka Bug ID CSCuc65775.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Adaptive Security Appliance Software | 8.4 |
| Cisco | Adaptive Security Appliance | All versions |
| Cisco | Asa 1000V Cloud Firewall | - |
| Cisco | Asa 5500 | All versions |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/51955
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395Vendor Advisory
- http://www.securitytracker.com/id/1028009
- http://secunia.com/advisories/51955
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2012-6395Vendor Advisory
- http://www.securitytracker.com/id/1028009
FAQ
What is CVE-2012-6395?
CVE-2012-6395 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Cisco Adaptive Security Appliances (ASA) devices with firmware 8.4 do not properly validate unspecified input related to UNC share pathnames, which allows remote authenticated users to cause a denial ...
How severe is CVE-2012-6395?
CVE-2012-6395 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-6395?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software, Cisco Adaptive Security Appliance, Cisco Asa 1000V Cloud Firewall, Cisco Asa 5500.