6.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
44.3%
A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this vulnerability by sending malformed, authenticated IKEv2 messages to an affected device
#TRUSTED 6d121d6f16a9cff1721df8831d3bff9df9f7bb6ee732ce2c6147ce9f2bbccf4235df58a7a3869f02bf5568475763ce3f472581e50bc03d2f26b4a09e48417e6af1115f4173d0952091d4c4c77eb7a420d369bb2fbf029bbf26e612594de760fa039fad51b569550e03068e9499675d7c53fa3030900fa347dc7aeea246f0deae87e1a5171ee1fb43108efbb84c20166f14386a6f05c32c0a6013bd85ec3da55683d8c43c0eb1eb980d04b077256757178c992280d8474358d4526b95e09382eeb466bbf8c38d664373f2d62854210c4f716e6695346e3233d83e45c53de220fe9861c305223ae0f34edb16e98ff2239a9f744e20773abd68af5717fa63697f61b032bbbe7a2c3107d49f61a5746cdf0a18764c786892aa1a5d984f9878b001863c6819ee79b89e933be47eb3decac308a1bfc17a6a8bb168899e626449771db82dc8575907a78a04201aea3ea7b98832494c2b1543af0f65addeb60630d07544ad03ec7eda8911ca44efc4e62ce94e87c7347baa1fe4708c556f331436968f25e7b2500a24676b6eb0fe14ad84679852db21d1ac8f3860d35991c1b78a5f633bbcfa07f9feba0816970cc27eaba33df5bf53be34aea11c5692be4e454f285fb2651c1abec39d1bb416df2ba3723128bc4011a228e9964e490eb3b7d2cdee83b8519467cf9dcb246b827955d4d76386df54d1d34ba6e577033348e2f32422f1bb
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(160762);
script_version("1.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/05/17");
script_cve_id("CVE-2021-40125");
script_xref(name:"CISCO-BUG-ID", value:"CSCvy93480");
script_xref(name:"CISCO-SA", value:"cisco-sa-asaftd-ikev2-dos-g4cmrr7C");
script_xref(name:"IAVA", value:"2021-A-0508-S");
script_name(english:"Cisco Adaptive Security Appliance Software IKEv2 Site-to-Site VPN Denial of Service (cisco-sa-asaftd-ikev2-dos-g4cmrr7C)");
script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
script_set_attribute(attribute:"description", value:
"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation of Cisco Adaptive Security Appliance
(ASA) Software could allow an authenticated, remote attacker to trigger a denial of service (DoS) condition on an
affected device. This vulnerability is due to improper control of a resource. An attacker with the ability to spoof
a trusted IKEv2 site-to-site VPN peer and in possession of valid IKEv2 credentials for that peer could exploit this
vulnerability by sending malformed, authenticated IKEv2 messages to an affected device");
# https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ikev2-dos-g4cmrr7C
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0c784582");
script_set_attribute(attribute:"see_also", value:"https://tools.cisco.com/security/center/viewErp.x?alertId=ERP-74773");
script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvy93480");
script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCvy93480");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-40125");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_cwe_id(416);
script_set_attribute(attribute:"vuln_publication_date", value:"2021/10/27");
script_set_attribute(attribute:"patch_publication_date", value:"2021/10/27");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/05/09");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:adaptive_security_appliance_software");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CISCO");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl", "os_fingerprint.nasl");
script_require_keys("Host/Cisco/ASA/model");
exit(0);
}
include('ccf.inc');
include('cisco_workarounds.inc');
var product_info = cisco::get_product_info(name:'Cisco Adaptive Security Appliance (ASA) Software');
var vuln_ranges = [
{'min_ver': '9.8', 'fix_ver': '9.8.4.40'},
{'min_ver': '9.9', 'fix_ver': '9.12.4.30'},
{'min_ver': '9.13', 'fix_ver': '9.14.3.9'},
{'min_ver': '9.15', 'fix_ver': '9.15.1.17'},
{'min_ver': '9.16', 'fix_ver': '9.16.2'}
];
var workarounds = make_list(CISCO_WORKAROUNDS['generic_workaround']);
var workaround_params = WORKAROUND_CONFIG['ikev2_site_to_site_VPN_peer'];
var reporting = make_array(
'port' , 0,
'severity' , SECURITY_WARNING,
'version' , product_info['version'],
'bug_id' , 'CSCvy93480',
'cmds' , make_list('show running-config crypto')
);
cisco::check_and_report(
product_info:product_info,
workarounds:workarounds,
reporting:reporting,
vuln_ranges:vuln_ranges
);
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | adaptive_security_appliance_software | cpe:/a:cisco:adaptive_security_appliance_software |
6.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:M/Au:S/C:N/I:N/A:C
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.001 Low
EPSS
Percentile
44.3%