VIR Vulnerability Intelligence Relay

CVE-2013-1155

high
Published 2013-04-11 · Modified 2026-04-29
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

The auth-proxy functionality in Cisco Firewall Services Module (FWSM) software 3.1 and 3.2 before 3.2(20.1), 4.0 before 4.0(15.2), and 4.1 before 4.1(5.1) allows remote attackers to cause a denial of service (device reload) via a crafted URL, aka Bug ID CSCtg02624.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-fwsm

Application impact
VendorProductVersionsFixed
cisco ciscofirewall_services_module_software3.1
cisco ciscofirewall_services_module_software3.2
cisco ciscofirewall_services_module_software3.2\(1\)
cisco ciscofirewall_services_module_software3.2\(2\)
cisco ciscofirewall_services_module_software3.2\(3\)
cisco ciscofirewall_services_module_software3.2\(4\)
cisco ciscofirewall_services_module_software3.2\(5\)
cisco ciscofirewall_services_module_software3.2\(6\)
cisco ciscofirewall_services_module_software3.2\(7\)
cisco ciscofirewall_services_module_software3.2\(8\)
cisco ciscofirewall_services_module_software3.2\(9\)
cisco ciscofirewall_services_module_software3.2\(10\)
cisco ciscofirewall_services_module_software3.2\(11\)
cisco ciscofirewall_services_module_software3.2\(12\)
cisco ciscofirewall_services_module_software3.2\(13\)
cisco ciscofirewall_services_module_software3.2\(14\)
cisco ciscofirewall_services_module_software3.2\(15\)
cisco ciscofirewall_services_module_software3.2\(16\)
cisco ciscofirewall_services_module_software3.2\(17\)
cisco ciscofirewall_services_module_software3.2\(18\)
cisco ciscofirewall_services_module_software3.2\(19\)
cisco ciscofirewall_services_module_software3.2\(20\)
cisco ciscofirewall_services_module_software4.0
cisco ciscofirewall_services_module_software4.0\(1\)
cisco ciscofirewall_services_module_software4.0\(2\)
cisco ciscofirewall_services_module_software4.0\(3\)
cisco ciscofirewall_services_module_software4.0\(4\)
cisco ciscofirewall_services_module_software4.0\(5\)
cisco ciscofirewall_services_module_software4.0\(6\)
cisco ciscofirewall_services_module_software4.0\(7\)
cisco ciscofirewall_services_module_software4.0\(8\)
cisco ciscofirewall_services_module_software4.0\(10\)
cisco ciscofirewall_services_module_software4.0\(11\)
cisco ciscofirewall_services_module_software4.0\(12\)
cisco ciscofirewall_services_module_software4.0\(13\)
cisco ciscofirewall_services_module_software4.0\(14\)
cisco ciscofirewall_services_module_software4.0\(15\)
cisco ciscofirewall_services_module_software4.1
cisco ciscofirewall_services_module_software4.1\(1\)
cisco ciscofirewall_services_module_software4.1\(2\)
cisco ciscofirewall_services_module_software4.1\(3\)
cisco ciscofirewall_services_module_software4.1\(4\)
cisco ciscofirewall_services_module_software4.1\(5\)

References

CWEs

CWE-287

Verify integrity in audit chain (admin only). AS-IS.