CVE-2013-6682

medium

Cisco

CVSS v3 Base Score

6.4

AV:N/AC:L/Au:N/C:N/I:P/A:P

EPSS Score

0.2%

Exploitation probability in 30 days

Top 56% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Confidentiality

None

Integrity

Availability

Published: November 13, 2013 (4564 days ago)

Last Modified: April 29, 2026

Vendor: Cisco

Source: NVD

Description

The phone-proxy implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0.3.6 and earlier does not properly validate X.509 certificates, which allows remote attackers to cause a denial of service (connection-database corruption) via an invalid entry, aka Bug ID CSCui33299.

CWE

CWE-20

Affected Products

cisco adaptive security appliance software

References

🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 tools.cisco.com 🔗 tools.cisco.com

CVE-2013-6682

Vulnerability Report

Description

CWE

Affected Products

References