// For flags

CVE-2013-3386

 

Severity Score

7.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (service crash or hang) via a high rate of TCP connection attempts, aka Bug IDs CSCzv25573 and CSCzv81712.

El componente de IronPort Spam Quarantine (ISQ) en el framework web de IronPort AsyncOS en dispositivos Cisco Email Security Appliance anteriores a v7.1.5-106 y v7.3, v7.5 y v7.6 antes de v7.6.3-019 y dispositivos Content Security Management Appliance antes de v7.9.1 -102 y v8.0 antes de v8.0.0-404 permite a atacantes remotos provocar una denegación de servicio (caída del servicio o cuelgue) a través de una alta tasa de intentos de conexión TCP, identificadores de incidencias también conocido como CSCzv25573 y CSCzv81712.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-05-06 CVE Reserved
  • 2013-06-27 CVE Published
  • 2024-09-16 CVE Updated
  • 2024-09-17 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-399: Resource Management Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
<= 7.1.5
Search vendor "Cisco" for product "Ironport Asyncos" and version " <= 7.1.5"
-
Affected
in Cisco
Search vendor "Cisco"
Content Security Management
Search vendor "Cisco" for product "Content Security Management"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
<= 7.1.5
Search vendor "Cisco" for product "Ironport Asyncos" and version " <= 7.1.5"
-
Affected
in Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.3
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.3"
-
Affected
in Cisco
Search vendor "Cisco"
Content Security Management
Search vendor "Cisco" for product "Content Security Management"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.3
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.3"
-
Affected
in Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.5
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.5"
-
Affected
in Cisco
Search vendor "Cisco"
Content Security Management
Search vendor "Cisco" for product "Content Security Management"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.5
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.5"
-
Affected
in Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.6
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.6"
-
Affected
in Cisco
Search vendor "Cisco"
Content Security Management
Search vendor "Cisco" for product "Content Security Management"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.6
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.6"
-
Affected
in Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.9
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.9"
-
Affected
in Cisco
Search vendor "Cisco"
Content Security Management
Search vendor "Cisco" for product "Content Security Management"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
7.9
Search vendor "Cisco" for product "Ironport Asyncos" and version "7.9"
-
Affected
in Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
8.0
Search vendor "Cisco" for product "Ironport Asyncos" and version "8.0"
-
Affected
in Cisco
Search vendor "Cisco"
Content Security Management
Search vendor "Cisco" for product "Content Security Management"
--
Safe
Cisco
Search vendor "Cisco"
Ironport Asyncos
Search vendor "Cisco" for product "Ironport Asyncos"
8.0
Search vendor "Cisco" for product "Ironport Asyncos" and version "8.0"
-
Affected
in Cisco
Search vendor "Cisco"
Email Security Appliance Firmware
Search vendor "Cisco" for product "Email Security Appliance Firmware"
--
Safe