Executive Summary

Title Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability
Name cisco-sa-20160504-fpkern First vendor Publication 2016-05-04
Vendor Cisco Last vendor Modification 2016-05-04
Severity (Vendor) N/A Revision 1.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A vulnerability in the kernel logging configuration for Firepower System Software for the Adaptive Security Appliance (ASA) 5585-X FirePOWER Security Services Processor (SSP) module could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to high consumption of system resources.

The vulnerability is due to the logging of certain IP packets. An attacker could exploit this vulnerability by sending a flood of specially crafted IP packets to the affected device. An exploit could allow the attacker to cause the Cisco FirePOWER module to cease inspecting traffic or go offline.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:


BEGIN PGP SIGNATURE Version: GnuPG v1.4.5 (SunOS)

iQIVAwUBVyAbtK89gD3EAJB5AQLENxAAprdyZgAuwqP+PyQ3PJuE6iLgyDDFTNpi yZ0UfoCjJ1BmSFkc/dbdhMtPgAuKiMJhIlgsH1N+Aq3rxxoPlvh33woruEJeqjus J/YqK/HRT+3oOzJTk9JklUqs6AYNgawjVofttsl3ITeshh8uOzPgIOxAUYSJOAy7 Ax6bwYDFNxP6+HuXT6QKU811WsPJ3BT3VebPw44E4drPoWkSHqp7j/Ga8ZFPGNWn Cx9rz8PebImTRjKfgan9f50n1fEIElow1DedMFv5uthsf0iCU9etDbOXBL/Plmk8 gbbqJJVQkPUdFiMHbF1YipX3uzmPLKj9APOSezSYiV1pksTRBg4Pg/Ytgrgao8Dk d/ipqv8I2XW0dnNdXwImVQ6MbZ9z68OmCR+xEbui6DEBTnD5SQQYO8fHKEJpUhCO WdVd5diOhdMvxOzq3kWPwlZ8wkYlukGT9UTYRv2nsK3n8zqR0/NdYIKiYtnO4wI4 67/8Wx/Yw9ckZ79VOaMpbkulrnDQ+DOPqc1r5bia28w4jY1aq8MdyQsT1xbIiePl euEtQXvqek+qHQQQy/dgMjNw7fivovo/sH1PXUEtXD3bnYDNhc2ProUcPr82JY9E P/s5sLXwG95kV72hJN2BwN0bS7/FU/OlJ3QtkiUsBTGor/ZDgIGPJHCLvdTxCr9A xQXI9bEKg3w= =Nu46 END PGP SIGNATURE _______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

Application 17

Alert History

If you want to see full details history, please login or register.
Date Informations
2016-05-10 05:47:48
  • Multiple Updates
2016-05-04 21:27:15
  • First insertion