CyberSec.Space Logo
Back to CVE Browser

CVE-2013-5511

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile8.37th
PublishedOct 13, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46), 8.3.x before 8.3(2.39), 8.4.x before 8.4(6), 8.5.x before 8.5(1.18), 8.6.x before 8.6(1.12), 8.7.x before 8.7(1.7), 9.0.x before 9.0(3.1), and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option, which allows remote attackers to bypass authentication via a TCP session to an ASDM interface, aka Bug ID CSCuh44815.

Affected Platforms (CPE)

πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(1\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(2\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(3\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(3.9\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(4\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(4.1\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(4.4\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(5\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(5.35\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2\(5.38\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2.1
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2.2
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2.2
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.2.3
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3\(1\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3\(2\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3\(2.34\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3\(2.37\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3.1
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3.1
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.3.2
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(1\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(1.11\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(2\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(2.11\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(3\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(4.11\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.4\(5\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.5
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.5\(1\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.5\(1.4\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.5\(1.17\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.6
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.6\(1\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.6\(1.3\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.6\(1.10\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.7\(1.3\)
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.7.1
πŸ’»
Cisco

Adaptive Security Appliance Software

= 8.7.1.1
πŸ’»
Cisco

Adaptive Security Appliance Software

= 9.0
πŸ’»
Cisco

Adaptive Security Appliance Software

= 9.1
πŸ’»
Cisco

Adaptive Security Appliance Software

= 9.1\(1.7\)

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5511
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5511

Related Vulnerabilities

CVE-2013-550910.0

The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote...

CVE-2009-491910.0

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attacker...

CVE-2009-491210.0

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS c...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...