CVE-2013-5488

Published Sep 12, 2013

Last updated a month ago

CVSS info 5.0

Overview

Description: Cisco Common Services, as used in Cisco Prime LAN Management Solution (LMS), Cisco Security Manager, Cisco Unified Service Monitor, and Cisco Unified Operations Manager, does not properly interact with the ActiveMQ component, which allows remote attackers to cause a denial of service (memory consumption) via simultaneous TCP sessions, aka Bug IDs CSCuh54766, CSCuh01267, CSCuh95976, and CSCuh95969.
Source: psirt@cisco.com
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:prime_lan_management_solution:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E09BFF1-6273-4BC4-9DFA-563F490E2754"
          },
          {
            "criteria": "cpe:2.3:a:cisco:security_manager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7AC03BFB-10FA-4276-930F-DB450E89DCD8"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_operations_manager:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A3F10FFA-58FA-45BC-BD2A-7C01D8D02315"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_service_monitor:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DB2F9E15-8B14-4CBB-B997-0DB94E9A5624"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References