CVE-2013-5497

Cisco IPS - DoS

Title source: llm

Description

The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148.

References (6)

[Vendor Advisory] http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5497

[Vendor Advisory] http://tools.cisco.com/security/center/viewAlert.x?alertId=30913

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/62517

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1029057

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/87280

[Third Party Advisory, VDB Entry] http://osvdb.org/97525

Scores

EPSS 0.0118

EPSS Percentile 78.6%

Classification

CWE

CWE-287

Status draft

Affected Products (1)

cisco/intrusion_prevention_system

Timeline

Published Sep 19, 2013

Tracked Since Feb 18, 2026