Vulnerability Description
The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service (device crash or error-recovery event) via an HTTP request that triggers a rewrite, aka Bug ID CSCug91577.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Adaptive Security Appliance Software | <= 9.1\(2\) |
References
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557Broken LinkVendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37383Vendor Advisory
- http://www.securityfocus.com/bid/72529Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100694Third Party AdvisoryVDB Entry
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5557Broken LinkVendor Advisory
- http://tools.cisco.com/security/center/viewAlert.x?alertId=37383Vendor Advisory
- http://www.securityfocus.com/bid/72529Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/100694Third Party AdvisoryVDB Entry
FAQ
What is CVE-2013-5557?
CVE-2013-5557 is a vulnerability with a CVSS score of 6.3 (MEDIUM). The Proxy Bypass Content Rewriter feature in the WebVPN subsystem in Cisco Adaptive Security Appliance (ASA) Software 9.1(.2) and earlier allows remote authenticated users to cause a denial of service...
How severe is CVE-2013-5557?
CVE-2013-5557 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-5557?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Adaptive Security Appliance Software.