Firewall Services Module Software
CVE-2012-0356
HIGH
Severity by source
AV:N/AC:L/Au:N/C:N/I:N/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:L/Au:N/C:N/I:N/A:C
Lifecycle Timeline
1DescriptionCVE.org
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367.
AnalysisAI
Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-20. Cisco Adaptive Security Appliances (ASA) 5500 series devices, and the ASA Services Module (ASASM) in Cisco Catalyst 6500 series devices, with software 7.0 through 7.2 before 7.2(5.7), 8.0 before 8.0(5.27), 8.1 before 8.1(2.53), 8.2 before 8.2(5.8), 8.3 before 8.3(2.25), 8.4 before 8.4(2.5), and 8.5 before 8.5(1.2) and the Firewall Services Module (FWSM) 3.1 and 3.2 before 3.2(23) and 4.0 and 4.1 before 4.1(8) in Cisco Catalyst 6500 series devices, when multicast routing is enabled, allow remote attackers to cause a denial of service (device reload) via a crafted IPv4 PIM message, aka Bug IDs CSCtr47517 and CSCtu97367. Affected products include: Cisco Firewall Services Module Software, Cisco Adaptive Security Appliance Software, Cisco 5500 Series Adaptive Security Appliance, Cisco Catalyst 6500, Cisco Catalyst 6503-E. Version information: through 7.2.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before
Cisco Adaptive Security Appliances (ASA) devices with software 7.x before 7.2(5.10), 8.0 before 8.0(5.28), 8.1 and 8.2 b
The SQL*Net inspection engine in Cisco Adaptive Security Appliance (ASA) Software 7.x before 7.2(5.12), 8.x before 8.2(5
Race condition in the cut-through proxy feature in Cisco Firewall Services Module (FWSM) Software 3.x before 3.2(28) and
The authorization functionality in Cisco Firewall Services Module (FWSM) 3.1.x and 3.2.x before 3.2(25) and 4.x before 4
Same weakness CWE-20 – Improper Input Validation
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today