CVE-2013-1194

Cisco Adaptive Security Appliance Software - Information Disclosure via IKE Aggressive-Mode VPN Group Enumeration

Title source: llm
STIX 2.1

Description

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.

References (2)

Core 2
Core References
Broken Link mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html

Scores

EPSS 0.0117
EPSS Percentile 63.7%

Details

CWE
CWE-200
Status published
Products (2)
cisco/adaptive_security_appliance
cisco/adaptive_security_appliance_software
Published Apr 18, 2013
Tracked Since Feb 18, 2026