CVE-2013-5537
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The web framework on Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), and Content Security Management Appliance (SMA) devices does not properly manage the state of HTTP and HTTPS sessions, which allows remote attackers to cause a denial of service (management GUI outage) via multiple TCP connections, aka Bug IDs CSCuj59411, CSCuf89818, and CSCuh05635.
El framework web en dispositivos Cisco Web Security Appliance (WSA), Email Security Appliance (ESA), y Content Security Management Appliance (SMA) no manejan correctamente el estado de sesiones HTTP y HTTPS, lo cual permite a atacantes remotos causar denegación de servicio (agotamiento de GUI de gestión) a través de múltiples conexiones TCP, también conocido como bug IDs CSCuj59411, CSCuf89818, y CSCuh05635.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-08-22 CVE Reserved
- 2013-10-24 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5537 | 2018-10-30 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Web Security Appliance Search vendor "Cisco" for product "Web Security Appliance" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Content Security Management Appliance Search vendor "Cisco" for product "Content Security Management Appliance" | - | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Email Security Appliance Firmware Search vendor "Cisco" for product "Email Security Appliance Firmware" | - | - |
Affected
| ||||||