CVE-2013-1194

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html	Broken Link
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194	Vendor Advisory
http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html	Broken Link
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:49

Type	Values Removed	Values Added
References	~~() http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html - Broken Link~~	() http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html - Broken Link
References	~~() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194 - Vendor Advisory~~	() http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194 - Vendor Advisory

11 Aug 2023, 18:54

Type	Values Removed	Values Added
CPE	cpe:2.3:a:cisco:adaptive_security_appliance_software:-:::::::*	cpe:2.3:o:cisco:adaptive_security_appliance_software:-:::::::*

Information

Published : 2013-04-18 18:55

Updated : 2025-04-11 00:51

NVD link : CVE-2013-1194

Mitre link : CVE-2013-1194

CVE.ORG link : CVE-2013-1194

JSON object : View

Products Affected

cisco

adaptive_security_appliance
adaptive_security_appliance_software

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2013-1194", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-04-18T18:55:06.937", "references": [{"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html", "tags": ["Broken Link"], "source": "psirt@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194", "tags": ["Vendor Advisory"], "source": "psirt@cisco.com"}, {"url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."}, {"lang": "es", "value": "La implementaci\u00f3n ISAKMP en dispositivos Cisco Adaptive Security Appliances (ASA) genera diferentes respuestas de mensajes IKE en aggressive-mode en funci\u00f3n de si se especifican inv\u00e1lidos grupos VPN, lo que permite a atacantes remotos enumerar los grupos a trav\u00e9s de una serie de mensajes, tambi\u00e9n conocido como Bug ID CSCue73708."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5"}], "operator": "OR"}], "operator": "AND"}], "evaluatorImpact": "Per: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194\r\n\r\n'A vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) implementation in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to enumerate remote access VPN groups configured in a Cisco ASA device.'", "sourceIdentifier": "psirt@cisco.com"}