Lucene search

[email protected]CVE-2016-1287

HistoryFeb 11, 2016 - 6:59 p.m.

CVE-2016-1287

2016-02-1118:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cisco

asa software

buffer overflow

ikev1

ikev2

cve-2016-1287

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.969 High

EPSS

Percentile

99.7%

JSON

Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.

CPENameOperatorVersion
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.3.2
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.1.1.4
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.1.4
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq8.6.1.12
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.2.2.7
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.1.5.21
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.1.3
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.1.2
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.2.3
cisco:adaptive_security_appliance_softwarecisco adaptive security appliance softwareeq9.3.1.1

CPE	Name	Operator	Version
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.3.2
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.1.1.4
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.1.4
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	8.6.1.12
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.2.2.7
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.1.5.21
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.1.3
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.1.2
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.2.3
cisco:adaptive_security_appliance_software	cisco adaptive security appliance software	eq	9.3.1.1