The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:N/C:N/I:N/A:P
Vendors Products
Cisco
  • Intrusion Prevention System

Configuration 1 [-]

cpe:2.3:h:cisco:intrusion_prevention_system:*:*:*:*:*:*:*:*
References
Link Resource
http://osvdb.org/97525
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5497 Vendor Advisory
http://tools.cisco.com/security/center/viewAlert.x?alertId=30913 Vendor Advisory
http://www.securityfocus.com/bid/62517 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1029057 Third Party Advisory VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/87280
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: cisco

Published: 2013-09-19T18:00:00

Updated: 2017-08-28T12:57:01

Reserved: 2013-08-22T00:00:00

Link: CVE-2013-5497

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2013-09-19T18:55:05.620

Modified: 2017-08-29T01:33:49.077

Link: CVE-2013-5497

JSON object: View

cve-icon Redhat Information

No data.

CWE