CyberSec.Space Logo
CVEブラウザに戻る

CVE-2013-5509

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1320%
EPSS Percentile12.52th
Published2013年10月13日
Last Modified2026年4月29日

Vulnerability Description

The SSL implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0 before 9.0(2.6) and 9.1 before 9.1(2) allows remote attackers to bypass authentication, and obtain VPN access or administrative access, via a crafted X.509 client certificate, aka Bug ID CSCuf52468.

Affected Platforms (CPE)

💻
Cisco

Adaptive Security Appliance Software

= 9.0
💻
Cisco

Adaptive Security Appliance Software

= 9.1

References & Advisories

🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5509
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa
🔗 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5509

関連する脆弱性情報

CVE-2013-551110.0

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x...

CVE-2009-491910.0

Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attacker...

CVE-2009-491210.0

Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS c...

CVE-2018-010110.0

A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could ...