First published: Tue Jun 27 2017(Updated: )
ASA 5515-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim, ASA 5510 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.4.x before 8.4.7 Interim, 8.2.x before 8.2.5 Interim, 9.1.x before 9.1.6 Interim, ASA 5555-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5512-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5520 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.2.x before 8.2.5 Interim, 8.4.x before 8.4.7 Interim, 9.1.x before 9.1.6 Interim, ASA 5505 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.2.x before 9.2.4 Interim, 8.4.x before 8.4.7 Interim, 9.1.x before 9.1.6 Interim, ASA 5525-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5512-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim or 9.2.4.SMP, 9.1.x before 9.1.6 Interim, ASA 5545-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5585-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5540 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 8.2.x before 8.2.5 Interim, 8.4.x before 8.4.7 Interim, 9.1.x before 9.1.6 Interim, ASA 5515-X Adaptive Security Appliance ASA for Application Centric Infrastructure (ACI) Device Package 1.2.4.x before 1.2.4.8, ASA 5555-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.2.x before 9.2.4 Interim or 9.2.4.SMP, 9.4.x before 9.4.1 Interim, 9.1.x before 9.1.6 Interim, ASA 5580 Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.1.x before 9.1.6 Interim, ASA 5585-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.2.x before 9.2.4 Interim, 9.4.x before 9.4.1 Interim, ASA 5525-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim or 9.2.4.SMP, 9.1.x before 9.1.6 Interim, ASA 5545-X Adaptive Security Appliance Adaptive Security Appliance (ASA) Software 9.4.x before 9.4.1 Interim, 9.2.x before 9.2.4 Interim or 9.2.4.SMP. 9.1.x before 9.1.6 ASA does not check the source of the ARP request or GARP packets for addresses it performs NAT translation for under unspecified conditions.
Credit: ykramarz@cisco.com ykramarz@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Cisco Adaptive Security Appliance Software | <=8.2\(4\) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-5010 is classified as a high severity vulnerability due to its potential impact on the security of affected Cisco ASA devices.
To fix CVE-2012-5010, you should upgrade the affected Cisco ASA software to the recommended versions as specified in the vulnerability advisory.
CVE-2012-5010 affects various versions of Cisco Adaptive Security Appliance software, specifically 9.4.x, 9.2.x, 8.4.x, and 8.2.x prior to their respective interim releases.
CVE-2012-5010 is a remote code execution vulnerability that can allow an attacker to gain control of the affected device.
As of the latest updates, there are no public exploits specifically targeting CVE-2012-5010, but the risk remains high.