Vulnerability Details CVE-2016-1312
The HTTPS inspection engine in the Content Security and Control Security Services Module (CSC-SSM) 6.6 before 6.6.1164.0 for Cisco ASA 5500 devices allows remote attackers to cause a denial of service (memory consumption or device reload) via a flood of HTTPS packets, aka Bug ID CSCue76147.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 78.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 7.8
References
- http://www.securityfocus.com/bid/84281
- http://www.securitytracker.com/id/1035230
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-csc
- http://www.securityfocus.com/bid/84281
- http://www.securitytracker.com/id/1035230
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160309-csc
Products affected by CVE-2016-1312
-
cpe:2.3:h:cisco:asa_5500_csc-ssm:-
-
cpe:2.3:o:cisco:asa_5500_csc-ssm_firmware:6.6.1125.0