Lucene search

CiscoCVE-2016-1379

HistoryMay 28, 2016 - 1:59 a.m.

CVE-2016-1379

2016-05-2801:59:00

CWE-399

cisco

web.nvd.nist.gov

cisco

asa

software

ipsec

error handling

dos

cve-2016-1379

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

Cisco Adaptive Security Appliance (ASA) Software 9.0 through 9.5.1 mishandles IPsec error processing, which allows remote authenticated users to cause a denial of service (memory consumption) via crafted (1) LAN-to-LAN or (2) Remote Access VPN tunnel packets, aka Bug ID CSCuv70576.

Affected configurations

Nvd

Node

ciscoadaptive_security_appliance_softwareMatch9.0.1

ciscoadaptive_security_appliance_softwareMatch9.0.2

ciscoadaptive_security_appliance_softwareMatch9.0.2.10

ciscoadaptive_security_appliance_softwareMatch9.0.3

ciscoadaptive_security_appliance_softwareMatch9.0.3.6

ciscoadaptive_security_appliance_softwareMatch9.0.3.8

ciscoadaptive_security_appliance_softwareMatch9.0.4

ciscoadaptive_security_appliance_softwareMatch9.0.4.1

ciscoadaptive_security_appliance_softwareMatch9.0.4.5

ciscoadaptive_security_appliance_softwareMatch9.0.4.7

ciscoadaptive_security_appliance_softwareMatch9.0.4.17

ciscoadaptive_security_appliance_softwareMatch9.0.4.20

ciscoadaptive_security_appliance_softwareMatch9.0.4.24

ciscoadaptive_security_appliance_softwareMatch9.0.4.26

ciscoadaptive_security_appliance_softwareMatch9.0.4.29

ciscoadaptive_security_appliance_softwareMatch9.0.4.33

ciscoadaptive_security_appliance_softwareMatch9.0.4.35

ciscoadaptive_security_appliance_softwareMatch9.0.4.37

ciscoadaptive_security_appliance_softwareMatch9.1.1

ciscoadaptive_security_appliance_softwareMatch9.1.1.4

ciscoadaptive_security_appliance_softwareMatch9.1.2

ciscoadaptive_security_appliance_softwareMatch9.1.2.8

ciscoadaptive_security_appliance_softwareMatch9.1.3

ciscoadaptive_security_appliance_softwareMatch9.1.3.2

ciscoadaptive_security_appliance_softwareMatch9.1.4

ciscoadaptive_security_appliance_softwareMatch9.1.4.5

ciscoadaptive_security_appliance_softwareMatch9.1.5

ciscoadaptive_security_appliance_softwareMatch9.1.5.10

ciscoadaptive_security_appliance_softwareMatch9.1.5.12

ciscoadaptive_security_appliance_softwareMatch9.1.5.15

ciscoadaptive_security_appliance_softwareMatch9.1.5.21

ciscoadaptive_security_appliance_softwareMatch9.1.6

ciscoadaptive_security_appliance_softwareMatch9.1.6.1

ciscoadaptive_security_appliance_softwareMatch9.1.6.4

ciscoadaptive_security_appliance_softwareMatch9.1.6.6

ciscoadaptive_security_appliance_softwareMatch9.1.6.8

ciscoadaptive_security_appliance_softwareMatch9.2\(0.0\)

ciscoadaptive_security_appliance_softwareMatch9.2\(0.104\)

ciscoadaptive_security_appliance_softwareMatch9.2\(3.1\)

ciscoadaptive_security_appliance_softwareMatch9.2.1

ciscoadaptive_security_appliance_softwareMatch9.2.2

ciscoadaptive_security_appliance_softwareMatch9.2.2.4

ciscoadaptive_security_appliance_softwareMatch9.2.2.7

ciscoadaptive_security_appliance_softwareMatch9.2.2.8

ciscoadaptive_security_appliance_softwareMatch9.2.3

ciscoadaptive_security_appliance_softwareMatch9.2.3.3

ciscoadaptive_security_appliance_softwareMatch9.2.3.4

ciscoadaptive_security_appliance_softwareMatch9.2.4

ciscoadaptive_security_appliance_softwareMatch9.3\(1.50\)

ciscoadaptive_security_appliance_softwareMatch9.3\(1.105\)

ciscoadaptive_security_appliance_softwareMatch9.3\(2.100\)

ciscoadaptive_security_appliance_softwareMatch9.3\(2.243\)

ciscoadaptive_security_appliance_softwareMatch9.3.1

ciscoadaptive_security_appliance_softwareMatch9.3.1.1

ciscoadaptive_security_appliance_softwareMatch9.3.2

ciscoadaptive_security_appliance_softwareMatch9.3.2.2

ciscoadaptive_security_appliance_softwareMatch9.3.3

ciscoadaptive_security_appliance_softwareMatch9.3.3.1

ciscoadaptive_security_appliance_softwareMatch9.3.3.2

ciscoadaptive_security_appliance_softwareMatch9.3.3.5

ciscoadaptive_security_appliance_softwareMatch9.3.3.6

ciscoadaptive_security_appliance_softwareMatch9.4.0.115

ciscoadaptive_security_appliance_softwareMatch9.4.1

ciscoadaptive_security_appliance_softwareMatch9.4.1.1

ciscoadaptive_security_appliance_softwareMatch9.4.1.2

ciscoadaptive_security_appliance_softwareMatch9.4.1.3

ciscoadaptive_security_appliance_softwareMatch9.4.1.5

ciscoadaptive_security_appliance_softwareMatch9.5.1

VendorProductVersionCPE
ciscoadaptive_security_appliance_software9.0.1cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.2cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.2.10cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.3cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.3.6cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.3.8cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4.1cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4.5cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:*:*:*:*:*:*:*
ciscoadaptive_security_appliance_software9.0.4.7cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	adaptive_security_appliance_software	9.0.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.1:::::::*
cisco	adaptive_security_appliance_software	9.0.2	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2:::::::*
cisco	adaptive_security_appliance_software	9.0.2.10	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.2.10:::::::*
cisco	adaptive_security_appliance_software	9.0.3	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3:::::::*
cisco	adaptive_security_appliance_software	9.0.3.6	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.6:::::::*
cisco	adaptive_security_appliance_software	9.0.3.8	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.3.8:::::::*
cisco	adaptive_security_appliance_software	9.0.4	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4:::::::*
cisco	adaptive_security_appliance_software	9.0.4.1	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.1:::::::*
cisco	adaptive_security_appliance_software	9.0.4.5	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.5:::::::*
cisco	adaptive_security_appliance_software	9.0.4.7	cpe:2.3:o:cisco:adaptive_security_appliance_software:9.0.4.7:::::::*

Rows per page:

1-10 of 681

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160517-asa-vpn

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:N/I:N/A:C

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.2

Confidence

High

EPSS

0.001

Percentile

43.8%

JSON

Related for CVE-2016-1379