Improper input validation in Cisco Adaptive Security Appliance (ASA) - CVE-2015-6327

 


Published: October 21, 2015 / Updated: February 9, 2017


Vulnerability identifier: #VU5672
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green
CVE-ID: CVE-2015-6327
CWE-ID: CWE-399
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco Adaptive Security Appliance (ASA)

Detailed vulnerability description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation in the implementation of the Internet Key Exchange (IKE) protocol version 1 (v1). A remote unauthenticated attacker can send specially crafted Internet Security Association and Key Management Protocol (ISAKMP) UDP packets to the affected device and cause the system to reboot.

Successful exploitation of the vulnerability may allow an attacker to perform a denial of service (DoS) attack.



How to mitigate CVE-2015-6327

Install updates from the vendor's website:

Cisco ASA 7.2 - migrate to 8.2(5.58) or later
Cisco ASA 8.2 - update to 8.2(5.58) or later
Cisco ASA 8.3 - migrate to 8.4(7.29) or later
Cisco ASA 8.4 - update to 8.4(7.29)
Cisco ASA 8.5 - migrate to 9.0(4.37) or later
Cisco ASA 8.6 - migrate to 9.0(4.37) or later
Cisco ASA 8.7 - update to 8.7(1.17)
Cisco ASA 9.0 - update to 9.0(4.37)
Cisco ASA 9.1 - update to 9.1(6.8)
Cisco ASA 9.2 - update to 9.2(4)
Cisco ASA 9.3 - update to 9.3(3)
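
A version check built from the fixed-release list above, as an added example that is not part of the advisory or of Cisco's tooling. The function names, status labels and sample inventory are assumptions; it treats any later build in the same train as fixed and also accepts the `9.1(6)8` notation for interim builds.

```python
import re

# Fixed releases exactly as listed in the advisory above.
# Key: release train running on the device; value: first fixed release.
FIXED = {
    "7.2": "8.2(5.58)", "8.2": "8.2(5.58)", "8.3": "8.4(7.29)",
    "8.4": "8.4(7.29)", "8.5": "9.0(4.37)", "8.6": "9.0(4.37)",
    "8.7": "8.7(1.17)", "9.0": "9.0(4.37)", "9.1": "9.1(6.8)",
    "9.2": "9.2(4)", "9.3": "9.3(3)",
}

# major.minor(maintenance[.interim]) as written in the advisory, or
# major.minor(maintenance)interim (assumed alternative notation).
_VER = re.compile(r"^(\d+)\.(\d+)\((\d+)(?:\.(\d+))?\)(\d+)?$")

def parse(version):
    """'9.1(6.8)' -> (9, 1, 6, 8); '9.2(4)' -> (9, 2, 4, 0)."""
    m = _VER.match(version.strip())
    if not m or (m.group(4) and m.group(5)):
        raise ValueError(f"unrecognised ASA version: {version!r}")
    major, minor, maint, dotted, trailing = m.groups()
    return (int(major), int(minor), int(maint), int(dotted or trailing or 0))

def assess(version):
    """Return (status, fixed_release) for a running ASA version string."""
    v = parse(version)
    target = FIXED.get(f"{v[0]}.{v[1]}")
    if target is None:
        return ("not-listed", None)   # the advisory does not cover this train
    t = parse(target)
    if t[:2] != v[:2]:
        return ("migrate", target)    # no fix in this train; move to another
    # Assumption: later builds in the same train keep the fix.
    return ("fixed", target) if v >= t else ("update", target)

if __name__ == "__main__":
    # Constructed inventory, for illustration only.
    inventory = {"fw-edge-1": "9.1(6.4)", "fw-edge-2": "9.2(4)",
                 "fw-lab": "8.3(2)", "fw-dc": "9.0(4)37"}
    for host, ver in inventory.items():
        status, target = assess(ver)
        print(f"{host:10} {ver:10} {status:10} {target or '-'}")
```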

