CVE-2013-3415
Cisco ASA 8.4.x < 8.4(3) & 8.6.x < 8.6(1.3) DoS via AnyConnect SSL VPN Disconnect
Title source: llmDescription
Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine's IP address, aka Bug ID CSCtt36737.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3415
Scores
EPSS
0.0134
EPSS Percentile
67.8%
Details
CWE
CWE-119
Status
published
Products (8)
cisco/adaptive_security_appliance_software
8.4
cisco/adaptive_security_appliance_software
8.4\(1\)
cisco/adaptive_security_appliance_software
8.4\(1.11\)
cisco/adaptive_security_appliance_software
8.4\(2\)
cisco/adaptive_security_appliance_software
8.4\(2.11\)
cisco/adaptive_security_appliance_software
8.6
cisco/adaptive_security_appliance_software
8.6\(1\)
cisco/adaptive_security_appliance_software
8.6\(1.10\)
Published
Oct 13, 2013
Tracked Since
Feb 18, 2026