CVE-2013-6682

Cisco Adaptive Security Appliance Software <= 9.0.3.6 - Denial of Service via Invalid X.509 Certificate

Title source: llm
STIX 2.1

Description

The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299.

References (2)

Core 2
Core References

Scores

EPSS 0.0075
EPSS Percentile 50.5%

Details

CWE
CWE-20
Status published
Products (49)
cisco/adaptive_security_appliance_software 7.0
cisco/adaptive_security_appliance_software 7.0\(0\)
cisco/adaptive_security_appliance_software 7.0\(1\)
cisco/adaptive_security_appliance_software 7.0\(2\)
cisco/adaptive_security_appliance_software 7.0\(4\)
cisco/adaptive_security_appliance_software 7.0\(5\)
cisco/adaptive_security_appliance_software 7.0\(5.2\)
cisco/adaptive_security_appliance_software 7.0\(6\)
cisco/adaptive_security_appliance_software 7.0\(6.7\)
cisco/adaptive_security_appliance_software 7.0\(7\)
... and 39 more
Published Nov 13, 2013
Tracked Since Feb 18, 2026