CVE-2013-3463

Description

The protocol-inspection feature on Cisco Adaptive Security Appliances (ASA) devices does not properly implement the idle timeout, which allows remote attackers to cause a denial of service (connection-table exhaustion) via crafted requests that use an inspected protocol, aka Bug ID CSCuh13899.

Risk Information

Base Score

7.5

MODERATE

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS Score

Exploitation Probability

1.166

Associated Vulnerability

Vulnerability	OS Platform
Cisco ASA Protocol Inspection Connection Table Denial of Service Vulnerability For Cisco Adaptive Security Appliance (ASA) Software	NCM
CVE-2013-3463	NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-1706057	Security Update for Cisco Adaptive Security Appliance (ASA) Software 99.17(1.69)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234