Executive Summary
Summary | |
---|---|
Title | Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability |
Informations | |||
---|---|---|---|
Name | cisco-sa-20151021-asa-dhcp1 | First vendor Publication | 2015-10-21 |
Vendor | Cisco | Last vendor Modification | 2015-10-21 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:N/I:N/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.1 | Attack Range | Network |
Cvss Impact Score | 6.9 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
A vulnerability in the DHCPv6 relay feature of Cisco Adaptive Security Appliance (ASA) software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of DHCPv6 packets. Cisco ASA Software is affected by this vulnerability only if the software is configured with the DHCPv6 relay feature. An attacker could exploit this vulnerability by sending crafted DHCPv6 packets to an affected device. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-asa-dhcp1 BEGIN PGP SIGNATURE Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJWJ6E/AAoJEIpI1I6i1Mx3ffkP/3HijAWXUfvOlxdMARZzScYD tyjICL7uJoze9XMAKVd1CZvqQgImaySEDhkmPgfHnFkV0kiKbOvOFj/Z51Z7u64Y VqbxUcaH5z3lldZDeTZOlML/Q2kbHYHWACBkwsXKm83v5lvzl8OwP0W7OenN/iQh TKJiNrcsaPtGQh2y40qw1/2k5kWe1SROJqAx5cK/RC2a260YZLC4vTqA4EVgiP/g N+C6gtn/r3/yxI5jg4aqi5qJnRJYzMs+U4IOuBxgYdWfwcHWQtZMWyKpQr+rgro9 DKnIVsNYbuxwFOJNxuNwtXfeMJE526aA/vbVn8syb4FHTaaKoLoqXZZHLuVFKqVw 3GN1+HHyXDRndixohQ9uxnI27z5fi/G4GN0V9LxukRx1ipyaIaZ8v+EoHpElH9gg 4IMdtyUsCMZ7pIyovGWkcZ8gVnYORvViMYLAqc7AjMnlclEYRnhQoZ1cTmBxDd6Z 9V1Yic+73F2XEi+6qjCyVN8bZjCWhfNMMCt8WdQU6kRciaiWdoy21WS592vmdo2V 9cuW2YgkNb6RO7fhWYSbmmu8HNXuwgWITJhfR1nBqX8Of/KZbXMoOwf4Lepzx+vQ ygkKhpHCIy7fjYaWm0LGJsPWHYdVSXiJMPgCaEkiRfzkj6Tj4u1o7JkTkKkErddD /bG78qgJml+GzUSeK3T7 =Ovg7 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-14 | Cisco ASA DHCPv6 relay denial of service attempt RuleID : 36557 - Revision : 1 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-09-15 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20151021-asa-dhcp1.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2016-09-16 13:24:48 |
|
2015-10-27 09:28:19 |
|
2015-10-21 21:22:13 |
|