What is the severity of CVE-2013-1155?

CVE-2013-1155 has been rated as a high severity vulnerability due to its potential to cause denial of service.

How do I fix CVE-2013-1155?

To fix CVE-2013-1155, upgrade to Cisco Firewall Services Module software version 3.2(20.1), 4.0(15.2), or 4.1(5.1) and later.

What types of attacks does CVE-2013-1155 allow?

CVE-2013-1155 allows remote attackers to cause a denial of service by sending a crafted URL.

Which versions of Cisco Firewall Services Module are affected by CVE-2013-1155?

CVE-2013-1155 affects Cisco Firewall Services Module software versions 3.1, 3.2, 4.0, and 4.1 before the specified fixed versions.

Is there a workaround for CVE-2013-1155 if I can't upgrade?

There are no known workarounds for CVE-2013-1155, so upgrading is highly recommended.

Vulnerability/
CVE-2013-1155

high

7.8

CWE

287

11/4/2013

16/9/2024

CVE-2013-1155

First published: Thu Apr 11 2013(Updated: )

The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Firewall Services Module	=3.1
Cisco Firewall Services Module	=3.2
Cisco Firewall Services Module	=3.2\(1\)
Cisco Firewall Services Module	=3.2\(2\)
Cisco Firewall Services Module	=3.2\(3\)
Cisco Firewall Services Module	=3.2\(4\)
Cisco Firewall Services Module	=3.2\(5\)
Cisco Firewall Services Module	=3.2\(6\)
Cisco Firewall Services Module	=3.2\(7\)
Cisco Firewall Services Module	=3.2\(8\)
Cisco Firewall Services Module	=3.2\(9\)
Cisco Firewall Services Module	=3.2\(10\)
Cisco Firewall Services Module	=3.2\(11\)
Cisco Firewall Services Module	=3.2\(12\)
Cisco Firewall Services Module	=3.2\(13\)
Cisco Firewall Services Module	=3.2\(14\)
Cisco Firewall Services Module	=3.2\(15\)
Cisco Firewall Services Module	=3.2\(16\)
Cisco Firewall Services Module	=3.2\(17\)
Cisco Firewall Services Module	=3.2\(18\)
Cisco Firewall Services Module	=3.2\(19\)
Cisco Firewall Services Module	=3.2\(20\)
Cisco Firewall Services Module	=4.0
Cisco Firewall Services Module	=4.0\(1\)
Cisco Firewall Services Module	=4.0\(2\)
Cisco Firewall Services Module	=4.0\(3\)
Cisco Firewall Services Module	=4.0\(4\)
Cisco Firewall Services Module	=4.0\(5\)
Cisco Firewall Services Module	=4.0\(6\)
Cisco Firewall Services Module	=4.0\(7\)
Cisco Firewall Services Module	=4.0\(8\)
Cisco Firewall Services Module	=4.0\(10\)
Cisco Firewall Services Module	=4.0\(11\)
Cisco Firewall Services Module	=4.0\(12\)
Cisco Firewall Services Module	=4.0\(13\)
Cisco Firewall Services Module	=4.0\(14\)
Cisco Firewall Services Module	=4.0\(15\)
Cisco Firewall Services Module	=4.1
Cisco Firewall Services Module	=4.1\(1\)
Cisco Firewall Services Module	=4.1\(2\)
Cisco Firewall Services Module	=4.1\(3\)
Cisco Firewall Services Module	=4.1\(4\)
Cisco Firewall Services Module	=4.1\(5\)

Never miss a vulnerability like this again

Reference Links

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm

Frequently Asked Questions

What is the severity of CVE-2013-1155?
CVE-2013-1155 has been rated as a high severity vulnerability due to its potential to cause denial of service.
How do I fix CVE-2013-1155?
To fix CVE-2013-1155, upgrade to Cisco Firewall Services Module software version 3.2(20.1), 4.0(15.2), or 4.1(5.1) and later.
What types of attacks does CVE-2013-1155 allow?
CVE-2013-1155 allows remote attackers to cause a denial of service by sending a crafted URL.
Which versions of Cisco Firewall Services Module are affected by CVE-2013-1155?
CVE-2013-1155 affects Cisco Firewall Services Module software versions 3.1, 3.2, 4.0, and 4.1 before the specified fixed versions.
Is there a workaround for CVE-2013-1155 if I can't upgrade?
There are no known workarounds for CVE-2013-1155, so upgrading is highly recommended.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/weakness
agent/last-modified-date
agent/references
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco firewall services module
version/cisco firewall services module/3.1
version/cisco firewall services module/3.2
version/cisco firewall services module/3.2\(1\)
version/cisco firewall services module/3.2\(2\)
version/cisco firewall services module/3.2\(3\)
version/cisco firewall services module/3.2\(4\)
version/cisco firewall services module/3.2\(5\)
version/cisco firewall services module/3.2\(6\)
version/cisco firewall services module/3.2\(7\)
version/cisco firewall services module/3.2\(8\)
version/cisco firewall services module/3.2\(9\)
version/cisco firewall services module/3.2\(10\)
version/cisco firewall services module/3.2\(11\)
version/cisco firewall services module/3.2\(12\)
version/cisco firewall services module/3.2\(13\)
version/cisco firewall services module/3.2\(14\)
version/cisco firewall services module/3.2\(15\)
version/cisco firewall services module/3.2\(16\)
version/cisco firewall services module/3.2\(17\)
version/cisco firewall services module/3.2\(18\)
version/cisco firewall services module/3.2\(19\)
version/cisco firewall services module/3.2\(20\)
version/cisco firewall services module/4.0
version/cisco firewall services module/4.0\(1\)
version/cisco firewall services module/4.0\(2\)
version/cisco firewall services module/4.0\(3\)
version/cisco firewall services module/4.0\(4\)
version/cisco firewall services module/4.0\(5\)
version/cisco firewall services module/4.0\(6\)
version/cisco firewall services module/4.0\(7\)
version/cisco firewall services module/4.0\(8\)
version/cisco firewall services module/4.0\(10\)
version/cisco firewall services module/4.0\(11\)
version/cisco firewall services module/4.0\(12\)
version/cisco firewall services module/4.0\(13\)
version/cisco firewall services module/4.0\(14\)
version/cisco firewall services module/4.0\(15\)
version/cisco firewall services module/4.1
version/cisco firewall services module/4.1\(1\)
version/cisco firewall services module/4.1\(2\)
version/cisco firewall services module/4.1\(3\)
version/cisco firewall services module/4.1\(4\)
version/cisco firewall services module/4.1\(5\)