Information disclosure

2013-10-1310:20:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.0%

JSON

Cisco Adaptive Security Appliance (ASA) Software 8.4.x before 8.4(3) and 8.6.x before 8.6(1.3) does not properly manage memory upon an AnyConnect SSL VPN client disconnection, which allows remote attackers to cause a denial of service (memory consumption, and forwarding outage or system hang) via packets to the disconnected machine’s IP address, aka Bug ID CSCtt36737.

CPENameOperatorVersion
adaptive_security_appliance_softwareeq8.41.11
adaptive_security_appliance_softwareeq8.42.0
adaptive_security_appliance_softwareeq8.42.11
adaptive_security_appliance_softwareeq8.41.0
adaptive_security_appliance_softwareeq8.4
adaptive_security_appliance_softwareeq8.61.0
adaptive_security_appliance_softwareeq8.61.10
adaptive_security_appliance_softwareeq8.6

Name	Operator	Version
adaptive_security_appliance_software	eq	8.41.11
adaptive_security_appliance_software	eq	8.42.0
adaptive_security_appliance_software	eq	8.42.11
adaptive_security_appliance_software	eq	8.41.0
adaptive_security_appliance_software	eq	8.4
adaptive_security_appliance_software	eq	8.61.0
adaptive_security_appliance_software	eq	8.61.10
adaptive_security_appliance_software	eq	8.6