CVE-2008-2732

Current Description

Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315.

Basic Data

PublishedSeptember 04, 2008
Last ModifiedAugust 08, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score7.8
SeverityHIGH
Exploitability Score10.0
Impact Score6.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3HardwareCiscoAdaptive Security Appliance 55007.2*******
    2.3HardwareCiscoAdaptive Security Appliance 55008.0*******
    2.3HardwareCiscoAdaptive Security Appliance 55008.1*******
    2.3HardwareCiscoPix7.2*******
    2.3HardwareCiscoPix8.0*******
    2.3HardwareCiscoPix8.1*******

Vulnerable Software List

VendorProductVersions
Cisco Adaptive Security Appliance 5500 7.2, 8.0, 8.1
Cisco Pix 7.2, 8.0, 8.1

References

NameSourceURLTags
31730http://secunia.com/advisories/31730SECUNIA
20080903 Cisco Applied Mitigation Bulletin: Identifying and Mitigating Exploitation of the Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASAhttp://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20080903-asaCISCO
20080903 Remote Access VPN and SIP Vulnerabilities in Cisco PIX and Cisco ASAhttp://www.cisco.com/en/US/products/products_security_advisory09186a00809f138a.shtmlCISCO
30998http://www.securityfocus.com/bid/30998BID
1020808http://www.securitytracker.com/id?1020808SECTRACK
1020809http://www.securitytracker.com/id?1020809SECTRACK
cisco-pix-asa-sipinspection-dos(44866)https://exchange.xforce.ibmcloud.com/vulnerabilities/44866XF