CVE-2013-1194
Cisco Adaptive Security Appliance Software - Information Disclosure via IKE Aggressive-Mode VPN Group Enumeration
Title source: llmDescription
The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194
Broken Link mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html
Scores
EPSS
0.0117
EPSS Percentile
63.7%
Details
CWE
CWE-200
Status
published
Products (2)
cisco/adaptive_security_appliance
cisco/adaptive_security_appliance_software
Published
Apr 18, 2013
Tracked Since
Feb 18, 2026