CVE-2014-0653 : The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance

The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to trigger authentication-state modifications via a crafted NetBIOS logout probe response, aka Bug ID CSCuj45340.

Published 2014-01-08 21:55:06

Updated 2025-04-11 00:51:22

Source Cisco Systems, Inc.

View at NVD, CVE.org

Products affected by CVE-2014-0653

Cisco » Adaptive Security Appliance
cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2014-0653

EPSS FAQ

0.70%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 70 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-0653

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:P/A:N	8.6	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

CWE ids for CVE-2014-0653

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-0653

http://tools.cisco.com/security/center/viewAlert.x?alertId=32363

Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0653

Cisco Adaptive Security Appliance Identity Firewall NetBIOS Logout Probe Auth State Change Vulnerability
Vendor Advisory
http://www.securityfocus.com/bid/64708

Cisco Adaptive Security Appliance Authorization State Change Security Bypass Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id/1029570

Cisco ASA Identity Firewall NetBIOS Logout Probe Response Handling Bug Lets Remote Users Modify Access Status - SecurityTracker
Third Party Advisory;VDB Entry
http://osvdb.org/101834
http://secunia.com/advisories/56366

Sign in

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/90165

Cisco Adaptive Security Appliance Identity Firewall security bypass CVE-2014-0653 Vulnerability Report

Jump to

Vulnerability Details : CVE-2014-0653

Products affected by CVE-2014-0653

Exploit prediction scoring system (EPSS) score for CVE-2014-0653

CVSS scores for CVE-2014-0653

CWE ids for CVE-2014-0653

References for CVE-2014-0653