CVE-2013-6682: Input Validation
First published: Wed Nov 13 2013(Updated: )
The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299.
Credit: ykramarz@cisco.com ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance | <=9.0.3\(6\) | |
| Cisco Adaptive Security Appliance | =7.0 | |
| Cisco Adaptive Security Appliance | =7.0\(0\) | |
| Cisco Adaptive Security Appliance | =7.0\(1\) | |
| Cisco Adaptive Security Appliance | =7.0\(2\) | |
| Cisco Adaptive Security Appliance | =7.0\(4\) | |
| Cisco Adaptive Security Appliance | =7.0\(5\) | |
| Cisco Adaptive Security Appliance | =7.0\(5.2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(6\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(6.7\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(7\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(8\) | |
| Cisco Adaptive Security Appliance Software | =7.0.1 | |
| Cisco Adaptive Security Appliance Software | =7.0.1.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.2 | |
| Cisco Adaptive Security Appliance Software | =7.0.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.4.3 | |
| Cisco Adaptive Security Appliance Software | =7.0.5 | |
| Cisco Adaptive Security Appliance Software | =7.0.6 | |
| Cisco Adaptive Security Appliance Software | =7.0.7 | |
| Cisco Adaptive Security Appliance Software | =7.0.8 | |
| Cisco Adaptive Security Appliance Software | =7.0.8-interim | |
| Cisco Adaptive Security Appliance Software | =7.1 | |
| Cisco Adaptive Security Appliance Software | =7.1\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.27\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.49\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.1.1 | |
| Cisco Adaptive Security Appliance Software | =7.1.2 | |
| Cisco Adaptive Security Appliance Software | =7.2 | |
| Cisco Adaptive Security Appliance Software | =7.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(1.22\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.7\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.8\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.10\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.14\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.15\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.16\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.17\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.18\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.19\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(3\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(4\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.2.1 | |
| Cisco Adaptive Security Appliance Software | =7.2.2 | |
| Cisco Adaptive Security Appliance Software | =7.2.3 | |
| Cisco Adaptive Security Appliance Software | =7.2.4 | |
| Cisco Adaptive Security Appliance Software | =7.2.5 | |
| Cisco Adaptive Security Appliance Software | =8.0 | |
| Cisco Adaptive Security Appliance Software | =8.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(3\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(4\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(5\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(5.28\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(5.31\) | |
| Cisco Adaptive Security Appliance Software | =8.0.2 | |
| Cisco Adaptive Security Appliance Software | =8.0.3 | |
| Cisco Adaptive Security Appliance Software | =8.0.4 | |
| Cisco Adaptive Security Appliance Software | =8.0.5 | |
| Cisco Adaptive Security Appliance Software | =8.1 | |
| Cisco Adaptive Security Appliance Software | =8.2 | |
| Cisco Adaptive Security Appliance Software | =8.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(3\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(3.9\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4.1\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4.4\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(5\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(5.35\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(5.38\) | |
| Cisco Adaptive Security Appliance Software | =8.2.1 | |
| Cisco Adaptive Security Appliance Software | =8.2.2 | |
| Cisco Adaptive Security Appliance Software | =8.2.2-interim | |
| Cisco Adaptive Security Appliance Software | =8.2.3 | |
| Cisco Adaptive Security Appliance Software | =8.3\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.3\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.3\(2.34\) | |
| Cisco Adaptive Security Appliance Software | =8.3\(2.37\) | |
| Cisco Adaptive Security Appliance Software | =8.3.1 | |
| Cisco Adaptive Security Appliance Software | =8.3.1-interim | |
| Cisco Adaptive Security Appliance Software | =8.3.2 | |
| Cisco Adaptive Security Appliance Software | =8.4 | |
| Cisco Adaptive Security Appliance Software | =8.4\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(1.11\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(2.11\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(3\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(4.11\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(5\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(6\) | |
| Cisco Adaptive Security Appliance Software | =8.5 | |
| Cisco Adaptive Security Appliance Software | =8.5\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.5\(1.4\) | |
| Cisco Adaptive Security Appliance Software | =8.5\(1.17\) | |
| Cisco Adaptive Security Appliance Software | =8.6 | |
| Cisco Adaptive Security Appliance Software | =8.6\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.6\(1.3\) | |
| Cisco Adaptive Security Appliance Software | =8.6\(1.10\) | |
| Cisco Adaptive Security Appliance Software | =8.7 | |
| Cisco Adaptive Security Appliance Software | =8.7\(1.1\) | |
| Cisco Adaptive Security Appliance Software | =8.7\(1.3\) | |
| Cisco Adaptive Security Appliance Software | =8.7.1 | |
| Cisco Adaptive Security Appliance Software | =8.7.1.1 | |
| Cisco Adaptive Security Appliance Software | =9.0 | |
| Cisco Adaptive Security Appliance Software | =9.0\(1\) | |
| Cisco Adaptive Security Appliance Software | =9.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =9.0\(3\) | |
| Cisco Adaptive Security Appliance Software | <=9.0.3\(6\) | |
| Cisco Adaptive Security Appliance Software | =7.0 | |
| Cisco Adaptive Security Appliance Software | =7.0\(0\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(4\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5.2\) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2013-6682?
CVE-2013-6682 is rated as a high severity vulnerability that can lead to denial of service through connection-database corruption.
How do I fix CVE-2013-6682?
To fix CVE-2013-6682, upgrade to Cisco Adaptive Security Appliance Software version 9.0.3.7 or later.
Which Cisco systems are affected by CVE-2013-6682?
CVE-2013-6682 affects Cisco Adaptive Security Appliance Software versions up to and including 9.0.3.6, and all 7.0.x versions.
Can CVE-2013-6682 be exploited remotely?
Yes, CVE-2013-6682 can be exploited remotely by attackers to cause a denial of service.
What is the nature of the vulnerability in CVE-2013-6682?
The vulnerability in CVE-2013-6682 arises from improper validation of X.509 certificates in the phone-proxy implementation.
- agent/references
- agent/author
- agent/type
- agent/softwarecombine
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco adaptive security appliance
- version/cisco adaptive security appliance/9.0.3\(6\)
- version/cisco adaptive security appliance/7.0
- version/cisco adaptive security appliance/7.0\(0\)
- version/cisco adaptive security appliance/7.0\(1\)
- version/cisco adaptive security appliance/7.0\(2\)
- version/cisco adaptive security appliance/7.0\(4\)
- version/cisco adaptive security appliance/7.0\(5\)
- version/cisco adaptive security appliance/7.0\(5.2\)
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/7.0\(6\)
- version/cisco adaptive security appliance software/7.0\(6.7\)
- version/cisco adaptive security appliance software/7.0\(7\)
- version/cisco adaptive security appliance software/7.0\(8\)
- version/cisco adaptive security appliance software/7.0.1
- version/cisco adaptive security appliance software/7.0.1.4
- version/cisco adaptive security appliance software/7.0.2
- version/cisco adaptive security appliance software/7.0.4
- version/cisco adaptive security appliance software/7.0.4.3
- version/cisco adaptive security appliance software/7.0.5
- version/cisco adaptive security appliance software/7.0.6
- version/cisco adaptive security appliance software/7.0.7
- version/cisco adaptive security appliance software/7.0.8
- version/cisco adaptive security appliance software/7.0.8-interim
- version/cisco adaptive security appliance software/7.1
- version/cisco adaptive security appliance software/7.1\(2\)
- version/cisco adaptive security appliance software/7.1\(2.5\)
- version/cisco adaptive security appliance software/7.1\(2.27\)
- version/cisco adaptive security appliance software/7.1\(2.48\)
- version/cisco adaptive security appliance software/7.1\(2.49\)
- version/cisco adaptive security appliance software/7.1\(5\)
- version/cisco adaptive security appliance software/7.1.1
- version/cisco adaptive security appliance software/7.1.2
- version/cisco adaptive security appliance software/7.2
- version/cisco adaptive security appliance software/7.2\(1\)
- version/cisco adaptive security appliance software/7.2\(1.22\)
- version/cisco adaptive security appliance software/7.2\(2\)
- version/cisco adaptive security appliance software/7.2\(2.5\)
- version/cisco adaptive security appliance software/7.2\(2.7\)
- version/cisco adaptive security appliance software/7.2\(2.8\)
- version/cisco adaptive security appliance software/7.2\(2.10\)
- version/cisco adaptive security appliance software/7.2\(2.14\)
- version/cisco adaptive security appliance software/7.2\(2.15\)
- version/cisco adaptive security appliance software/7.2\(2.16\)
- version/cisco adaptive security appliance software/7.2\(2.17\)
- version/cisco adaptive security appliance software/7.2\(2.18\)
- version/cisco adaptive security appliance software/7.2\(2.19\)
- version/cisco adaptive security appliance software/7.2\(2.48\)
- version/cisco adaptive security appliance software/7.2\(3\)
- version/cisco adaptive security appliance software/7.2\(4\)
- version/cisco adaptive security appliance software/7.2\(5\)
- version/cisco adaptive security appliance software/7.2.1
- version/cisco adaptive security appliance software/7.2.2
- version/cisco adaptive security appliance software/7.2.3
- version/cisco adaptive security appliance software/7.2.4
- version/cisco adaptive security appliance software/7.2.5
- version/cisco adaptive security appliance software/8.0
- version/cisco adaptive security appliance software/8.0\(2\)
- version/cisco adaptive security appliance software/8.0\(3\)
- version/cisco adaptive security appliance software/8.0\(4\)
- version/cisco adaptive security appliance software/8.0\(5\)
- version/cisco adaptive security appliance software/8.0\(5.28\)
- version/cisco adaptive security appliance software/8.0\(5.31\)
- version/cisco adaptive security appliance software/8.0.2
- version/cisco adaptive security appliance software/8.0.3
- version/cisco adaptive security appliance software/8.0.4
- version/cisco adaptive security appliance software/8.0.5
- version/cisco adaptive security appliance software/8.1
- version/cisco adaptive security appliance software/8.2
- version/cisco adaptive security appliance software/8.2\(1\)
- version/cisco adaptive security appliance software/8.2\(2\)
- version/cisco adaptive security appliance software/8.2\(3\)
- version/cisco adaptive security appliance software/8.2\(3.9\)
- version/cisco adaptive security appliance software/8.2\(4\)
- version/cisco adaptive security appliance software/8.2\(4.1\)
- version/cisco adaptive security appliance software/8.2\(4.4\)
- version/cisco adaptive security appliance software/8.2\(5\)
- version/cisco adaptive security appliance software/8.2\(5.35\)
- version/cisco adaptive security appliance software/8.2\(5.38\)
- version/cisco adaptive security appliance software/8.2.1
- version/cisco adaptive security appliance software/8.2.2
- version/cisco adaptive security appliance software/8.2.2-interim
- version/cisco adaptive security appliance software/8.2.3
- version/cisco adaptive security appliance software/8.3\(1\)
- version/cisco adaptive security appliance software/8.3\(2\)
- version/cisco adaptive security appliance software/8.3\(2.34\)
- version/cisco adaptive security appliance software/8.3\(2.37\)
- version/cisco adaptive security appliance software/8.3.1
- version/cisco adaptive security appliance software/8.3.1-interim
- version/cisco adaptive security appliance software/8.3.2
- version/cisco adaptive security appliance software/8.4
- version/cisco adaptive security appliance software/8.4\(1\)
- version/cisco adaptive security appliance software/8.4\(1.11\)
- version/cisco adaptive security appliance software/8.4\(2\)
- version/cisco adaptive security appliance software/8.4\(2.11\)
- version/cisco adaptive security appliance software/8.4\(3\)
- version/cisco adaptive security appliance software/8.4\(4.11\)
- version/cisco adaptive security appliance software/8.4\(5\)
- version/cisco adaptive security appliance software/8.4\(6\)
- version/cisco adaptive security appliance software/8.5
- version/cisco adaptive security appliance software/8.5\(1\)
- version/cisco adaptive security appliance software/8.5\(1.4\)
- version/cisco adaptive security appliance software/8.5\(1.17\)
- version/cisco adaptive security appliance software/8.6
- version/cisco adaptive security appliance software/8.6\(1\)
- version/cisco adaptive security appliance software/8.6\(1.3\)
- version/cisco adaptive security appliance software/8.6\(1.10\)
- version/cisco adaptive security appliance software/8.7
- version/cisco adaptive security appliance software/8.7\(1.1\)
- version/cisco adaptive security appliance software/8.7\(1.3\)
- version/cisco adaptive security appliance software/8.7.1
- version/cisco adaptive security appliance software/8.7.1.1
- version/cisco adaptive security appliance software/9.0
- version/cisco adaptive security appliance software/9.0\(1\)
- version/cisco adaptive security appliance software/9.0\(2\)
- version/cisco adaptive security appliance software/9.0\(3\)
- version/cisco adaptive security appliance software/9.0.3\(6\)
- version/cisco adaptive security appliance software/7.0
- version/cisco adaptive security appliance software/7.0\(0\)
- version/cisco adaptive security appliance software/7.0\(1\)
- version/cisco adaptive security appliance software/7.0\(2\)
- version/cisco adaptive security appliance software/7.0\(4\)
- version/cisco adaptive security appliance software/7.0\(5\)
- version/cisco adaptive security appliance software/7.0\(5.2\)