CVE-2013-3385

EPSS 0.55%
Veröffentlicht 27.06.2013 21:55:07
Zuletzt bearbeitet 29.04.2026 01:13:23
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

The management GUI in the web framework in IronPort AsyncOS on Cisco Web Security Appliance devices before 7.1.3-013, 7.5 before 7.5.0-838, and 7.7 before 7.7.0-602; Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019; and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (system hang) via a series of (1) HTTP or (2) HTTPS requests to a management interface, aka Bug IDs CSCzv58669, CSCzv63329, and CSCzv78669.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

NVD 8 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ironport Asyncos Version <= 7.1.3

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.2

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.3

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.5

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.6

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.7

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.8

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Cisco ≫ Ironport Asyncos Version7.9

   Cisco ≫ Content Security Management Version-
   Cisco ≫ Web Security Appliance Version-
   Cisco ≫ Email Security Appliance Firmware Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.55%	0.654

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-wsa

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-sma

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2013-3385

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-3385

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-3385

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2013-3385