CVE-2013-1218

high

Published 2013-07-18 · Modified 2026-04-29

CVSS v3

—

CVSS v2

7.8

VIR risk

7.8

Description

Cisco Intrusion Prevention System (IPS) Software in ASA 5500-X IPS-SSP software modules before 7.1(7)sp1E4 allows remote attackers to cause a denial of service (Analysis Engine process hang or device reload) via fragmented (1) IPv4 or (2) IPv6 packets, aka Bug ID CSCue51272.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: psirt@cisco.com — http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips

Application impact

Vendor	Product	Versions	Fixed
cisco	asa_5500-x_series_ips_ssp_software	`7.1`
cisco	intrusion_prevention_system	`{"endIncluding":"7.1"}`

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130717-ips

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.