CVSS2: AV:N/AC:L/Au:N/C:C/I:C/A:C

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | COMPLETE |
Integrity Impact | COMPLETE |
Availability Impact | COMPLETE |

CVSS3: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Metric | Value |
---|---|
Attack Vector | NETWORK |
Attack Complexity | LOW |
Privileges Required | NONE |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

AI Score confidence: High

EPSS percentile: 99.7%

Buffer overflow in the IKEv1 and IKEv2 implementations in Cisco ASA Software before 8.4(7.30), 8.7 before 8.7(1.18), 9.0 before 9.0(4.38), 9.1 before 9.1(7), 9.2 before 9.2(4.5), 9.3 before 9.3(3.7), 9.4 before 9.4(2.4), and 9.5 before 9.5(2.2) on ASA 5500 devices, ASA 5500-X devices, ASA Services Module for Cisco Catalyst 6500 and Cisco 7600 devices, ASA 1000V devices, Adaptive Security Virtual Appliance (aka ASAv), Firepower 9300 ASA Security Module, and ISA 3000 devices allows remote attackers to execute arbitrary code or cause a denial of service (device reload) via crafted UDP packets, aka Bug IDs CSCux29978 and CSCux42019.
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | adaptive_security_appliance_software | 7.2.1 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.1.9 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1.9:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.1.13 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1.13:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.1.19 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1.19:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.1.24 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.1.24:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.2 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.2.6 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2.6:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.2.10 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2.10:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.2.14 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2.14:*:*:*:*:*:*:* |
cisco | adaptive_security_appliance_software | 7.2.2.18 | cpe:2.3:o:cisco:adaptive_security_appliance_software:7.2.2.18:*:*:*:*:*:*:* |
packetstormsecurity.com/files/137100/Cisco-ASA-Software-IKEv1-IKEv2-Buffer-Overflow.html
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160210-asa-ike
www.securitytracker.com/id/1034997
blog.exodusintel.com/2016/02/10/firewall-hacking/
www.exploit-db.com/exploits/39823/
www.kb.cert.org/vuls/id/327976