Executive Summary

TitleCisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability
Namecisco-sa-20181031-asaftd-sip-dosFirst vendor Publication2018-10-31
VendorCiscoLast vendor Modification2018-10-31
Severity (Vendor) N/ARevisionN/A

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition.

The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device.

Software updates that address this vulnerability are not yet available. There are no workarounds that address this vulnerability. Mitigation options that address this vulnerability are available.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181031-asaftd-sip-dos"]


iQJ5BAEBAgBjBQJb2gc6XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfczKZMQAKLXDmbu6X18O3TeeURTVYB0S16f 441pXHynblKg8Ylh87tphUmbQHKLIE/R05yo1wveY3A3gxROPBCA4l1wQhWZ+pdp 4q9gKh7Wyv60c4HTAxhc+oTFsYk73cSXh3lT6b7eq5e6KkZmbBi6aPUCh3AbdmFL I+8H6mOVAgxvntStBjJLAaJwb24T2yAkKEAyjbuBL1qtWM/rS7DfUvkj099cQL9B 7HUf/pTtPzOAAkMKX/uJd4fty4bhryOzwa44cHv0H3HPtIsNMzkNRgtjZjQlNC1t C41nfgvTVbVjWFePk9VOdUPwHYiYeBi+M2Iueuyv/k7VC8fQfrqqCFxgOcCJq1pE Csas0q5ZrWU+Ppj5hhYbhSLEyFJdnQpWYiLOvr6dr7xQxHsJ1GjCbQ5fnFyboYL7 fFzjjOfh8l01wvpZ4EvVWr5K0Gc0+uso3aJZyZZM+dekbih9fJ70bm+AF8P1j5vg PuykCk2LrE3wq0W2xi6iLx0yXqP9NGF6hTVI1bZ1aZ+ErVcd7YIDe0U0ooFTqSve EdV/0pQdU9saX87WanZcT0/vh3lvH57DZyZty/SQHr9x4s0Gzl4xgsknY7Rc8pY7 hwzhfI8Lolk/5kb71TuF2UME+WUe+zCJ18xB9NF0zcMGJ5I2AdgE+McaanZbWY5Q WeoYN7mAjqXDjXC9 =PMo2 END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration


Snort® IPS/IDS

2019-01-15SIP over SCTP wildcard VIA address attempt
RuleID : 48593 - Revision : 1 - Type : PROTOCOL-VOIP
2018-12-04SIP wildcard VIA address flood attempt
RuleID : 48265 - Revision : 2 - Type : PROTOCOL-VOIP
2018-12-04SIP wildcard VIA address flood attempt
RuleID : 48264 - Revision : 2 - Type : PROTOCOL-VOIP
2014-01-10SIP REGISTER flood attempt
RuleID : 20395 - Revision : 5 - Type : PROTOCOL-VOIP
2014-01-10SIP REGISTER flood attempt
RuleID : 19389 - Revision : 8 - Type : PROTOCOL-VOIP

Nessus® Vulnerability Scanner

2018-11-08Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20181031-asaftd-sip-dos-asa.nasl - Type : ACT_GATHER_INFO
2018-11-08Name : The packet inspection software installed on the remote host is affected by a ...
File : cisco-sa-20181031-asaftd-sip-dos-ftd.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
2019-01-29 17:21:26
  • Multiple Updates
2018-11-01 17:21:38
  • Multiple Updates
2018-10-31 21:19:09
  • First insertion