
2803 matches found

Prion
added 2021/09/14 6:15 p.m., 19 views

Code injection

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote IPSec peer, which already has a negotiated Security Association, can cause the Traffi...

CVSS 7.1, AI score 7.5, EPSS 0.0092
Exploits: 0, References: 1, Affected Software: 11

Cvelist
added 2021/09/14 5:5 p.m., 16 views

CVE-2021-23039

On version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.2.8, and all versions of 13.1.x and 12.1.x, when IPSec is configured on a BIG-IP system, undisclosed requests from an authorized remote IPSec peer, which already has a negotiated Security Association, can cause the Traffi...

AI score 7.7, EPSS 0.0092
Exploits: 0, References: 1

CVE
added 2021/09/14 5:5 p.m., 61 views

CVE-2021-23039

CVE-2021-23039 affects F5 BIG-IP TMM: when IPSec is configured, authorized IPSec peers with an existing Security Association can cause TMM to terminate, leading to DoS. Affected branches include BIG-IP 16.x (16.0.0–16.0.1), 15.x (15.0.0–15.1.2), 14.x (14.1.0–14.1.4), and all 13.1.x/12.1.x; End of...

CVSS 7.5, AI score 7.6, EPSS 0.0092
Exploits: 0, References: 1, Affected Software: 11

CNVD
added 2021/09/09 12:0 a.m., 20 views

Fortinet FortiOS has an unspecified vulnerability (CNVD-2021-101140)

Fortinet FortiOS is a security operating system from Fortinet that is dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has a security...

CVSS 5, AI score 2.4, EPSS 0.00573
Exploits: 0, References: 1

OSV
added 2021/08/03 1:31 a.m., 12 views

GSD-2021-1001157 bonding: fix null dereference in bond_ipsec_add_sa()

bonding: fix null dereference in bond_ipsec_add_sa(). This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.13.6 by commit...

AI score 7.2
Exploits: 0

Tenable Nessus
added 2021/07/23 12:0 a.m., 25 views

Cisco Adaptive Security Appliance Software Release 7.0.0 IPsec DoS (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC)

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 7.7, AI score 7.4, EPSS 0.01188
Exploits: 0, References: 3

Tenable Nessus
added 2021/07/23 12:0 a.m., 26 views

Cisco Firepower Threat Defense Software Release 7.0.0 IPsec DoS (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC)

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 7.7, AI score 7.4, EPSS 0.01188
Exploits: 0, References: 3

OSV
added 2021/07/21 3:15 p.m., 2 views

CVE-2020-20262

Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...

CVSS 6.5, AI score 5.8, EPSS 0.02142
Exploits: 1, References: 2

Cvelist
added 2021/07/21 1:25 p.m., 15 views

CVE-2020-20262

Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet...

AI score 6.2, EPSS 0.02142
Exploits: 1, References: 2

CVE
added 2021/07/21 1:25 p.m., 125 views

CVE-2020-20262

The entries identify CVE-2020-20262 affecting MikroTik RouterOS before version 6.47 (stable). The vulnerability is an assertion failure in the /ram/pckg/security/nova/bin/ipsec process, exploitable by an authenticated remote attacker sending a crafted packet to cause a Denial of Service. Connecte...

CVSS 6.5, AI score 6.2, EPSS 0.02142
Exploits: 1, References: 2, Affected Software: 1

CNNVD
added 2021/07/21 12:0 a.m., 4 views

MikroTik RouterOS code issue vulnerability

MikroTik RouterOS is a Linux-based router operating system developed by MikroTik Latvia. An assertion failure vulnerability exists in MikroTik RouterOS, which stems from an authentication error in the product's /ram/pckg/security/nova/bin/ipsec process. An attacker could exploit this vulnerability...

CVSS 6.5, AI score 5.7, EPSS 0.02142
Exploits: 1, References: 3

NVD
added 2021/07/16 1:15 p.m., 16 views

CVE-2021-1422

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 7.7, EPSS 0.01188
Exploits: 0, References: 1

Prion
added 2021/07/16 1:15 p.m., 18 views

Race condition

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 6.8, AI score 7.4, EPSS 0.01188
Exploits: 0, References: 1, Affected Software: 2

Vulnrichment
added 2021/07/16 12:25 p.m., 9 views

CVE-2021-1422 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 7.7, AI score 7, EPSS 0.01188
Exploits: 0, References: 1

Cvelist
added 2021/07/16 12:25 p.m., 22 views

CVE-2021-1422 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 7.7, AI score 7.6, EPSS 0.01188
Exploits: 0, References: 1

Cisco
added 2021/07/15 4:0 p.m., 83 views

Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVSS 7.7, AI score 7.4, EPSS 0.01188
Exploits: 0, References: 1

NVD
added 2021/06/09 7:15 a.m., 12 views

CVE-2020-11176

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...

CVSS 10, EPSS 0.00683
Exploits: 0, References: 1

CVE
added 2021/06/09 6:20 a.m., 49 views

CVE-2020-11176

CVE-2020-11176 is a memory-corruption issue in Qualcomm closed‑source components (cert processing for IPSec server certificates; SAN API) that can cause a heap overflow. Affected: Snapdragon/mobile Qualcomm stack as per the CVE entry and Qualcomm bulletin; CVSSv3.1 base score 9.8 (Crypto/Network ...

CVSS 10, AI score 9.6, EPSS 0.00683
Exploits: 0, References: 1, Affected Software: 1

Cvelist
added 2021/06/09 6:20 a.m., 22 views

CVE-2020-11176

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...

CVSS 9.8, AI score 9.8, EPSS 0.00683
Exploits: 0, References: 1

OpenVAS
added 2021/06/09 12:0 a.m., 16 views

SUSE: Security Advisory (SUSE-SU-2018:0423-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.7, EPSS 0.02928
Exploits: 0, References: 4