Vulnerability Details : CVE-2010-0149
Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability."
Vulnerability category: Denial of service
Products affected by CVE-2010-0149
- cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:8.2:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:8.0:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:asa_5500:8.1:*:*:*:*:*:*:*
- cpe:2.3:h:cisco:pix_500:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-0149
2.42%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 88 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-0149
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | AV:N/AC:L/Au:N/C:N/I:N/A:C |
10.0
|
6.9
|
NIST |
References for CVE-2010-0149
-
http://www.securityfocus.com/bid/38275
Cisco ASA Appliance TCP Connection Exhaustion Denial of Service Vulnerability
-
http://www.securitytracker.com/id?1023612
Cisco ASA TCP, SIP, SCCP, DTLS, and IKE Processing Flaws Let Remote Users Deny Service - SecurityTracker
-
http://www.vupen.com/english/advisories/2010/0415
Webmail | OVH- OVHVendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/56336
Cisco ASA 5500 and PIX 500 TCP connection denial of service CVE-2010-0149 Vulnerability Report
-
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910c.shtml
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances - CiscoVendor Advisory
Jump to