CVE-2013-5511 Information

Description

The Adaptive Security Device Management (ASDM) remote-management feature in Cisco Adaptive Security Appliance (ASA) Software 8.2.x before 8.2(5.46) 8.3.x before 8.3(2.39) 8.4.x before 8.4(6) 8.5.x before 8.5(1.18) 8.6.x before 8.6(1.12) 8.7.x before 8.7(1.7) 9.0.x before 9.0(3.1) and 9.1.x before 9.1(2.6) does not properly implement the authentication-certificate option which allows remote attackers to bypass authentication via a TCP session to an ASDM interface aka Bug ID CSCuh44815.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20131009-asa http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5511