CVE-2013-3415

Cisco ASA 8.4.x < 8.4(3) & 8.6.x < 8.6(1.3) DoS via AnyConnect SSL VPN Disconnect

Title source: llm
STIX 2.1

Description

Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737.

References (2)

Core 2
Core References

Scores

EPSS 0.0134
EPSS Percentile 67.8%

Details

CWE
CWE-119
Status published
Products (8)
cisco/adaptive_security_appliance_software 8.4
cisco/adaptive_security_appliance_software 8.4\(1\)
cisco/adaptive_security_appliance_software 8.4\(1.11\)
cisco/adaptive_security_appliance_software 8.4\(2\)
cisco/adaptive_security_appliance_software 8.4\(2.11\)
cisco/adaptive_security_appliance_software 8.6
cisco/adaptive_security_appliance_software 8.6\(1\)
cisco/adaptive_security_appliance_software 8.6\(1.10\)
Published Oct 13, 2013
Tracked Since Feb 18, 2026