Cisco Intrusion Prevention System 7.0/7.1 Management Interface improper authentication
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
6.5 | $0-$5k | 0.00 |
A vulnerability was found in Cisco Intrusion Prevention System 7.0/7.1. It has been rated as critical. This issue affects some unknown processing of the component Management Interface. The manipulation with an unknown input leads to a improper authentication vulnerability. Using CWE to declare the problem leads to CWE-287. When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Impacted is availability. The summary by CVE is:
The authentication manager process in the web framework in Cisco Intrusion Prevention System (IPS) does not properly handle user tokens, which allows remote attackers to cause a denial of service (intermittent MainApp hang) via a crafted management-interface connection request, aka Bug ID CSCuf20148.
The weakness was disclosed 09/19/2013 as Cisco IPS Authentication Manager Denial of Service Vulnerability as confirmed advisory (Website). The advisory is shared at tools.cisco.com. The identification of this vulnerability is CVE-2013-5497 since 08/22/2013. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Neither technical details nor an exploit are publicly available.
The vulnerability scanner Nessus provides a plugin with the ID 72510 (Cisco IPS Authentication Manager Denial of Service Vulnerability (CSCuf20148)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family CISCO.
Upgrading to version 7.0.(9) or 7.2.(1) eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (87280) and Tenable (72510). tools.cisco.com is providing further details.
Product
Vendor
Name
Version
License
Support
- end of life (old version)
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 6.5
VulDB Base Score: 7.5
VulDB Temp Score: 6.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Improper authenticationCWE: CWE-287
CAPEC: 🔍
ATT&CK: 🔍
Local: No
Remote: Yes
Availability: 🔍
Status: Unproven
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Nessus ID: 72510
Nessus Name: Cisco IPS Authentication Manager Denial of Service Vulnerability (CSCuf20148)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Port: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Upgrade: Intrusion Prevention System 7.0.(9)/7.2.(1)
Timeline
08/22/2013 🔍09/19/2013 🔍
09/19/2013 🔍
09/19/2013 🔍
09/19/2013 🔍
09/19/2013 🔍
09/20/2013 🔍
09/24/2013 🔍
02/14/2014 🔍
02/16/2014 🔍
05/25/2021 🔍
Sources
Vendor: cisco.comAdvisory: Cisco IPS Authentication Manager Denial of Service Vulnerability
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2013-5497 (🔍)
X-Force: 87280 - Cisco Intrusion Prevention System MainApp denial of service
SecurityTracker: 1029057
Vulnerability Center: 43264 - Cisco Intrusion Prevention System Remote Denial of Service via a Malicious Management-Interface Connection Request, Medium
SecurityFocus: 62517 - Cisco IPS Software Authentication Manager CVE-2013-5497 Denial of Service Vulnerability
Secunia: 54958 - Cisco IPS Authentication Manager Denial of Service Weakness, Not Critical
OSVDB: 97525
Misc.: 🔍
Entry
Created: 09/24/2013 16:15Updated: 05/25/2021 20:31
Changes: 09/24/2013 16:15 (76), 05/20/2017 10:44 (1), 05/25/2021 20:24 (3), 05/25/2021 20:31 (1)
Complete: 🔍
No comments yet. Languages: en.
Please log in to comment.