CVE-2012-0378

high

Published 2012-05-03 · Modified 2026-04-29

CVSS v3

—

CVSS v2

7.8

VIR risk

7.8

Description

Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 through 8.4 allow remote attackers to cause a denial of service (connection limit exceeded) by triggering a large number of stale connections that result in an incorrect value for an MPF connection count, aka Bug ID CSCtv19854.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.

References

http://www.cisco.com/web/software/280775065/89203/ASA-843-Interim-Release-Notes.html
http://www.cisco.com/web/software/280775065/89203/ASA-843-Interim-Release-Notes.html

CWEs

CWE-189

Verify integrity in audit chain (admin only). AS-IS.