CVE-2013-3386

{"id": "CVE-2013-3386", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-06-27T21:55:07.090", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa", "tags": ["Vendor Advisory"], "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-sma", "source": "ykramarz@cisco.com"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-esa", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130626-sma", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "The IronPort Spam Quarantine (ISQ) component in the web framework in IronPort AsyncOS on Cisco Email Security Appliance devices before 7.1.5-106 and 7.3, 7.5, and 7.6 before 7.6.3-019 and Content Security Management Appliance devices before 7.9.1-102 and 8.0 before 8.0.0-404 allows remote attackers to cause a denial of service (service crash or hang) via a high rate of TCP connection attempts, aka Bug IDs CSCzv25573 and CSCzv81712."}, {"lang": "es", "value": "El componente de IronPort Spam Quarantine (ISQ) en el framework web de IronPort AsyncOS en dispositivos Cisco Email Security Appliance anteriores a v7.1.5-106 y v7.3, v7.5 y v7.6 antes de v7.6.3-019 y dispositivos Content Security Management Appliance antes de v7.9.1 -102 y v8.0 antes de v8.0.0-404 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio o cuelgue) a trav\u00e9s de una alta tasa de intentos de conexi\u00f3n TCP, identificadores de incidencias tambi\u00e9n conocido como CSCzv25573 y CSCzv81712."}], "lastModified": "2024-11-21T01:53:32.063", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cisco:ironport_asyncos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B65E15B-9680-4A77-A579-96F250D1AF88", "versionEndIncluding": "7.1.5"}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:7.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5C0DD8C-4865-46F9-AA25-A468F9DB35F9"}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8B29C05-CC5F-429F-A77B-73C5D6052C12"}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:7.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F82B4FD-20BF-49A7-B0EA-8109B0BEA848"}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:7.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5DFFBC92-3D52-4FA6-AB46-A774B9A9C6DB"}, {"criteria": "cpe:2.3:o:cisco:ironport_asyncos:8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEBB85CD-0DE0-49CF-80F2-4E343F3E151E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:cisco:content_security_management:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1F1C1929-DBDA-42CE-A497-CAE0540F2174"}, {"criteria": "cpe:2.3:o:cisco:email_security_appliance_firmware:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5BA3A518-E103-4D98-A040-88ED4E0D73CC"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ykramarz@cisco.com"}