CVE-2013-6691

Published: Jul 14, 2014Modified: May 6, 2026

6.8

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:C

Exploitability: 8.0 / Impact: 6.9

Source: NVD

Description

The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344.

Affected (1)

Products: Cisco: Adaptive Security Appliance Software

Cisco

1 product

Adaptive Security Appliance Software

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Adaptive Security Appliance Software	Up to 9.0\(4.1\)

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (10)

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6691

Source: psirt@cisco.com

Broken LinkVendor Advisory

http://tools.cisco.com/security/center/viewAlert.x?alertId=34921

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/68517

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1030565

Source: psirt@cisco.com

Broken LinkThird Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/94459

Source: psirt@cisco.com

Third Party AdvisoryVDB Entry

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-6691