CVE-2013-1218

Published: Jul 18, 2013Modified: Apr 29, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272.

Affected (9)

Products: Cisco: Asa 5500 X Series Ips Ssp Software, Asa 5585 X, Idsm 2, Intrusion Prevention System, Ips 4345 Sensor, Ips 4360 Sensor, Ips 4510 Sensor, Ips 4520 Sensor, Ips Nme

Cisco

9 products

Asa 5500 X Series Ips Ssp Software

Asa 5585 X

Idsm 2

Intrusion Prevention System

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Cisco Asa 5500 X Series Ips Ssp Software	Version 7.1
Cisco Asa 5585 X	All versions
Cisco Idsm 2	All versions
Cisco Intrusion Prevention System	Up to 7.1
Cisco Ips 4345 Sensor	All versions
Cisco Ips 4360 Sensor	All versions
Cisco Ips 4510 Sensor	All versions
Cisco Ips 4520 Sensor	All versions
Cisco Ips Nme	All versions

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (2)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips

Source: psirt@cisco.com

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.