Denial of service in Cisco ASA 5500-X Series and Cisco Adaptive Security Appliance (ASA) - CVE-2016-6424
Published: October 6, 2016 / Updated: April 5, 2018
Vulnerability identifier: #VU778
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-6424
CWE-ID: CWE-399
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco ASA 5500-X Series
Cisco Adaptive Security Appliance (ASA)
Cisco ASA 5500-X Series
Cisco Adaptive Security Appliance (ASA)
Detailed vulnerability description
The vulnerability allows a remote unauthenticated user to cause DoS conditions on the target system.
The weakness exists due to improper resource processing. A specially crafted DHCP packets sent by the attackers at specific rates can trigger the target interface to seize up and stop incoming traffic handling.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
The weakness exists due to improper resource processing. A specially crafted DHCP packets sent by the attackers at specific rates can trigger the target interface to seize up and stop incoming traffic handling.
Successful exploitation of the vulnerability results in denial of service on the vulnerable system.
How to mitigate CVE-2016-6424
Install update from vendor's website.