ID
VAR-201310-0519
CVE
CVE-2013-5536
TITLE
Cisco Secure Access Control System Service disruption in (DoS) Vulnerabilities
Trust: 0.8
DESCRIPTION
Cisco Secure Access Control System (ACS) does not properly implement an incoming-packet firewall rule, which allows remote attackers to cause a denial of service (process crash) via a flood of crafted packets, aka Bug ID CSCui51521. Cisco Secure ACS is a central management platform for Cisco network devices that controls device authentication and authorization. An attacker could exploit this vulnerability to cause some processes to crash, resulting in a denial of service. This issue is being tracked by Cisco Bug ID CSCui51521. The system can respectively control network access and network device access through RADIUS and TACACS protocols
Trust: 2.52
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | cisco | model: | secure access control system | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | secure access control system software | scope: | lte | version: | 5.4.0.46.3 | Trust: 0.8 |
| vendor: | cisco | model: | secure access control system | scope: | - | version: | - | Trust: 0.6 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
input validation
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Cisco Secure ACS Distributed Deployment Denial of Service Vulnerability | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5536 | Trust: 0.8 |
| title: | 31435 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=31435 | Trust: 0.8 |
| title: | Patch for Cisco Secure Access Control System Remote Denial of Service Vulnerability (CNVD-2013-14072) | url: | https://www.cnvd.org.cn/patchInfo/show/40528 | Trust: 0.6 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2013-5536 | Trust: 3.1 |
| db: | BID | id: | 63281 | Trust: 0.9 |
| db: | JVNDB | id: | JVNDB-2013-004876 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201310-609 | Trust: 0.7 |
| db: | CNVD | id: | CNVD-2013-14072 | Trust: 0.6 |
| db: | CISCO | id: | 20131022 CISCO SECURE ACS DISTRIBUTED DEPLOYMENT DENIAL OF SERVICE VULNERABILITY | Trust: 0.6 |
| db: | VULHUB | id: | VHN-65538 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-5536 | Trust: 2.3 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-5536 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-5536 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
CREDITS
Cisco
Trust: 0.3
SOURCES
| db: | CNVD | id: | CNVD-2013-14072 |
| db: | VULHUB | id: | VHN-65538 |
| db: | BID | id: | 63281 |
| db: | JVNDB | id: | JVNDB-2013-004876 |
| db: | CNNVD | id: | CNNVD-201310-609 |
| db: | NVD | id: | CVE-2013-5536 |
LAST UPDATE DATE
2025-04-11T23:08:40.514000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2013-14072 | date: | 2013-10-25T00:00:00 |
| db: | VULHUB | id: | VHN-65538 | date: | 2013-10-24T00:00:00 |
| db: | BID | id: | 63281 | date: | 2013-10-28T00:50:00 |
| db: | JVNDB | id: | JVNDB-2013-004876 | date: | 2013-10-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201310-609 | date: | 2013-10-28T00:00:00 |
| db: | NVD | id: | CVE-2013-5536 | date: | 2025-04-11T00:51:21.963 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2013-14072 | date: | 2013-10-25T00:00:00 |
| db: | VULHUB | id: | VHN-65538 | date: | 2013-10-24T00:00:00 |
| db: | BID | id: | 63281 | date: | 2013-10-22T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-004876 | date: | 2013-10-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201310-609 | date: | 2013-10-28T00:00:00 |
| db: | NVD | id: | CVE-2013-5536 | date: | 2013-10-24T10:53:09.880 |