Cisco: CISCO-SA-20160517-ASA-VPN
May 17, 2016 - 2:00 p.m.

Cisco Adaptive Security Appliance VPN Memory Block Exhaustion Vulnerability

2016-05-17 14:00:00
tools.cisco.com

CVSS2: 6.8
Attack Vector: NETWORK
Attack Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3: 6.5
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS: 0.001
Percentile: 43.8%

A vulnerability in the IPsec code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause the depletion of a memory block, which may cause the system to stop forwarding traffic and result in a denial of service (DoS) condition.

The vulnerability is due to an error in the implementation of ICMP error handling for IPsec packets. An attacker could exploit this vulnerability by sending crafted packets through an established LAN-to-LAN or Remote Access VPN tunnel. A successful exploit could allow the attacker to deplete available memory and cause system instability or cause the system to stop forwarding traffic.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn

Affected configurations

Vulners node: cisco adaptive_security_appliance_software, matching any of the following versions:

9.0, 9.1, 9.2, 9.3, 9.4, 9.5,
9.0.1, 9.0.2, 9.0.2.10, 9.0.3, 9.0.3.6, 9.0.3.8, 9.0.4, 9.0.4.1, 9.0.4.5, 9.0.4.17, 9.0.4.20, 9.0.4.24, 9.0.4.7, 9.0.4.26, 9.0.4.29, 9.0.4.33, 9.0.4.37, 9.0.4.35,
9.1.1, 9.1.1.4, 9.1.2, 9.1.3, 9.1.2.8, 9.1.3.2, 9.1.4, 9.1.4.5, 9.1.5, 9.1.5.10, 9.1.5.12, 9.1.5.15, 9.1.6, 9.1.5.21, 9.1.6.1, 9.1.6.6, 9.1.6.4, 9.1.6.8,
9.2.1, 9.2.2, 9.2.2.4, 9.2.2.7, 9.2.3, 9.2.2.8, 9.2.3.3, 9.2.3.4, 9.2.0.0, 9.2.0.104, 9.2.3.1, 9.2.4,
9.3.1, 9.3.1.1, 9.3.2, 9.3.2.2, 9.3.3, 9.3.3.1, 9.3.3.2, 9.3.3.5, 9.3.3.6,
9.4.1, 9.4.0.115, 9.4.1.1, 9.4.1.5, 9.4.1.3, 9.4.1.2,
9.5.1

Vendor | Product | Version | CPE
cisco | adaptive_security_appliance_software | 9.0 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.1:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.2:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.3 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.3:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.4 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.4:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.5 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.5:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.0.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.0.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.0.2.10 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*
cisco | adaptive_security_appliance_software | 9.0.3 | cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*
