CVE-2013-1194 - Vulnerability Details - OpenCVE

The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Adaptive Security Appliance Adaptive Security Appliance Software

Configuration 1 [-]

AND

cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*

cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2013-04-18T18:00:00

Updated: 2024-08-06T14:57:02.944Z

Reserved: 2013-01-11T00:00:00

Link: CVE-2013-1194

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2013-04-18T18:55:06.937

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-1194

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-04-17T00:00:00", "descriptions": [{"lang": "en", "value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-12-02T13:57:00", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "20130417 Cisco ASA Software VPN Group Enumeration Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"}, {"name": "20130418 TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2013-1194", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20130417 Cisco ASA Software VPN Group Enumeration Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"}, {"name": "20130418 TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:57:02.944Z"}, "title": "CVE Program Container", "references": [{"name": "20130417 Cisco ASA Software VPN Group Enumeration Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"}, {"name": "20130418 TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2013-1194", "datePublished": "2013-04-18T18:00:00", "dateReserved": "2013-01-11T00:00:00", "dateUpdated": "2024-08-06T14:57:02.944Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F7FDABB-8C67-4E56-A533-233B50047603", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:cisco:adaptive_security_appliance:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D80DB80-F243-469B-993F-E368B092B3C5", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The ISAKMP implementation on Cisco Adaptive Security Appliances (ASA) devices generates different responses for IKE aggressive-mode messages depending on whether invalid VPN groups are specified, which allows remote attackers to enumerate groups via a series of messages, aka Bug ID CSCue73708."}, {"lang": "es", "value": "La implementaci\u00f3n ISAKMP en dispositivos Cisco Adaptive Security Appliances (ASA) genera diferentes respuestas de mensajes IKE en aggressive-mode en funci\u00f3n de si se especifican inv\u00e1lidos grupos VPN, lo que permite a atacantes remotos enumerar los grupos a trav\u00e9s de una serie de mensajes, tambi\u00e9n conocido como Bug ID CSCue73708."}], "evaluatorImpact": "Per: http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194\r\n\r\n'A vulnerability in the Internet Security Association and Key Management Protocol (ISAKMP) implementation in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to enumerate remote access VPN groups configured in a Cisco ASA device.'", "id": "CVE-2013-1194", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-04-18T18:55:06.937", "references": [{"source": "psirt@cisco.com", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"}, {"source": "psirt@cisco.com", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-04/0198.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1194"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}