OpenCVE

Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:M/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Asa 5500 Pix 500

Configuration 1 [-]

OR	cpe:2.3:h:cisco:asa_5500:7.1:::::::*
	cpe:2.3:h:cisco:asa_5500:7.2:::::::*
	cpe:2.3:h:cisco:asa_5500:8.0:::::::*
	cpe:2.3:h:cisco:asa_5500:8.1:::::::*
	cpe:2.3:h:cisco:asa_5500:8.2:::::::*
	cpe:2.3:h:cisco:pix_500::::::::

No data.

References

Link	Providers
http://osvdb.org/62431
http://secunia.com/advisories/38618
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
http://www.securityfocus.com/bid/38278
http://www.securitytracker.com/id?1023612
http://www.vupen.com/english/advisories/2010/0415
https://exchange.xforce.ibmcloud.com/vulnerabilities/56340

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2010-02-19T17:00:00

Updated: 2024-08-07T00:52:19.815Z

Reserved: 2010-02-10T00:00:00

Link: CVE-2010-0566

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-02-19T17:30:00.880

Modified: 2017-08-17T01:32:01.803

Link: CVE-2010-0566

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-02-17T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38618", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/38618"}, {"name": "cisco-asa-nat-aipssm-dos(56340)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}, {"name": "62431", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/62431"}, {"name": "1023612", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1023612"}, {"name": "38278", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/38278"}, {"name": "ADV-2010-0415", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2010/0415"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2010-0566", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38618", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/38618"}, {"name": "cisco-asa-nat-aipssm-dos(56340)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}, {"name": "62431", "refsource": "OSVDB", "url": "http://osvdb.org/62431"}, {"name": "1023612", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1023612"}, {"name": "38278", "refsource": "BID", "url": "http://www.securityfocus.com/bid/38278"}, {"name": "ADV-2010-0415", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0415"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T00:52:19.815Z"}, "title": "CVE Program Container", "references": [{"name": "20100217 Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"name": "38618", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/38618"}, {"name": "cisco-asa-nat-aipssm-dos(56340)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}, {"name": "62431", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/62431"}, {"name": "1023612", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1023612"}, {"name": "38278", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/38278"}, {"name": "ADV-2010-0415", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2010/0415"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2010-0566", "datePublished": "2010-02-19T17:00:00", "dateReserved": "2010-02-10T00:00:00", "dateUpdated": "2024-08-07T00:52:19.815Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "856917BD-179B-4C43-8EA6-034254720B63", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "800D4D6A-0814-4D83-8E66-945687AE58D0", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "0810F1FB-120C-4F4C-A9A7-6AA76227A4AD", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "F50FA336-1365-4449-86B6-855C06E4F516", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "3CBF542E-2454-4F54-93F6-8D003E06F9D7", "vulnerable": true}, {"criteria": "cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*", "matchCriteriaId": "2706D3BA-37A2-4D71-94DD-5386F5C94374", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Cisco ASA 5500 Series Adaptive Security Appliance v7.0 anterior a v7.0(8.10), v7.2 anterior a v7.2(4.45), v8.0 anterior a v8.0(4.44), 8.1 anterior a v8.1(2.35), y v8.2 anterior a v8.2(1.10) permite a atacantes remotos causar una denegaci\u00f3n de servicio (reinicio del dispositivo) mediante un segmento TCP incorrecto cuando se utilizan una traducci\u00f3n NAT determinada y las configuraciones de Cisco AIP-SSM, tambi\u00e9n conocido como Bug ID CSCtb37219."}], "id": "CVE-2010-0566", "lastModified": "2017-08-17T01:32:01.803", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-02-19T17:30:00.880", "references": [{"source": "ykramarz@cisco.com", "url": "http://osvdb.org/62431"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/38618"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml"}, {"source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/38278"}, {"source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id?1023612"}, {"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2010/0415"}, {"source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56340"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}