CVE-2010-0567

high

Description

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/56341

http://www.vupen.com/english/advisories/2010/0415

http://www.securitytracker.com/id?1023612

http://www.securityfocus.com/bid/38279

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml

http://secunia.com/advisories/38636

http://secunia.com/advisories/38618

http://osvdb.org/62436

Details

Source: Mitre, NVD

Published: 2010-02-19

Updated: 2017-08-17

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High