CVSS2
Metric | Value |
---|---|
Attack Vector | ADJACENT_NETWORK |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |
AV:A/AC:L/Au:N/C:C/I:C/A:C
EPSS Percentile: 61.0%
Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulnerabilities:
Cisco ASA Failover Command Injection Vulnerability
Cisco ASA DNS Memory Exhaustion Vulnerability
Cisco ASA VPN XML Parser Denial of Service Vulnerability
Successful exploitation of the Cisco ASA Failover Command Injection Vulnerability would allow an attacker to submit failover commands to the failover units, which may result in an attacker taking full control of the systems.
Successful exploitation of the Cisco ASA DNS Memory Exhaustion Vulnerability may result in system instability and dropped traffic.
Successful exploitation of the Cisco ASA VPN XML Parser Denial of Service Vulnerability may result in a crash of the WebVPN process, which may lead to the reset of all SSL VPN connections, system instability, and a reload of the affected system.
Cisco has released software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available for the Cisco ASA Failover Command Injection Vulnerability and Cisco ASA DNS Memory Exhaustion Vulnerability. This advisory is available at the following link:
Note: The resolution of the vulnerability in the Cisco Security Advisory Cisco ASA FirePOWER Services and Cisco ASA CX Crafted Packets Denial of Service Vulnerability, cisco-sa-20150408-cxfp, released on the 8th of April may require an upgrade of the Cisco ASA Software release. Cisco ASA customers should review cisco-sa-20150408-cxfp before deciding which Cisco ASA Software release to upgrade to.
The Cisco Security Advisory Cisco ASA FirePOWER Services and Cisco ASA CX Crafted Packets Denial of Service Vulnerability is available at the following link:
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | adaptive_security_appliance_software | 7.0 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.0:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.1:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.0 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.0:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.2:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.1:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.3 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.3:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.4 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.4:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.5 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.5:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 8.6 | cpe:2.3:o:cisco:adaptive_security_appliance_software:8.6:*:*:*:*:*:*:* |