Executive Summary

Summary
Title: Cisco ACE30 Application Control Engine Module and Cisco ACE 4710 Application Control Engine Denial of Service Vulnerability
Information
Name: cisco-sa-20160908-ace
First vendor Publication: 2016-09-08
Vendor: Cisco
Last vendor Modification: 2016-09-08
Severity (Vendor): N/A
Revision: 1.0

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact Sub Score: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score: 7.8
Attack Range: Network
Cvss Impact Score: 6.9
Attack Complexity: Low
Cvss Exploit Score: 10
Authentication: None Required

Detail

A vulnerability in the SSL/TLS functions of the Cisco ACE30 Application Control Engine Module and the Cisco ACE 4700 Series Application Control Engine Appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.

The vulnerability is due to incomplete input validation checks in the SSL/TLS code. An attacker could exploit this vulnerability by sending specific SSL/TLS packets to the affected device. An exploit could allow the attacker to trigger a reload of the affected device.

Cisco has confirmed the vulnerability; however, software updates are currently not available. Cisco will release software updates that address the vulnerability described in this advisory. The advisory will be updated once an estimated software fix availability date is made available.

There are no workarounds that address this vulnerability.

This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160908-ace

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

Type Description Count
Application 4
Application 8
Application 6
Application 11
Hardware 8
Hardware 5
Hardware 8
Hardware 6
Hardware 4

Snort® IPS/IDS

Date Description
2016-11-30 Cisco Application Control Engine SSL handshake parsing denial of service attempt
RuleID : 40877 - Revision : 2 - Type : SERVER-OTHER

Alert History

Date Information
2016-09-13 05:20:11
  • Multiple Updates
2016-09-12 17:27:30
  • Multiple Updates
2016-09-08 21:22:12
  • First insertion