2 matches found
Cisco ASA AES-GCM Vulnerability (Cisco-SA-20150616-CVE-2015-4550)
Cisco ASA is prone to an encrypted IPSec or IKEv2 modification vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...
CVE-2015-4550
CVE-2015-4550 affects Cisco ASA devices running ASA software 9.3(3) and 9.4(1.1), where the Cavium cryptographic-module firmware fails to verify AES-GCM ICV octets. This enables a remote attacker to perform a man-in-the-middle modification of IPSec/IKEv2 traffic without detection, effectively spo...