CyberSec.Space Logo
Back to CVE Browser

CVE-2013-5509

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1320%
EPSS Percentile12.52th
PublishedOct 13, 2013
Last ModifiedApr 29, 2026

Vulnerability Description

The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468.

Affected Platforms (CPE)

πŸ’»
Cisco

Adaptive Security Appliance Software

= 9.0
πŸ’»
Cisco

Adaptive Security Appliance Software

= 9.1

References & Advisories

πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5509
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
πŸ”— http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5509

Related Vulnerabilities

CVE-2013-551110.0

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x...

CVE-2009-491910.0

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attacker...

CVE-2009-491210.0

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS c...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...