Executive Summary

Summary
Title Cisco IOS XE Software and Cisco ASA 5500-X Series Adaptive Security Appliance IPsec Denial of Service Vulnerability
Informations
Name cisco-sa-20180926-ipsec First vendor Publication 2018-09-26
Vendor Cisco Last vendor Modification 2018-09-26
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the IPsec driver code of multiple Cisco IOS XE Software platforms and the Cisco ASA 5500-X Series Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the device to reload.

The vulnerability is due to improper processing of malformed IPsec Authentication Header (AH) or Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by sending malformed IPsec packets to be processed by an affected device. An exploit could allow the attacker to cause a reload of the affected device.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec ["https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180926-ipsec"]

This advisory is part of the September 26, 2018, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 12 Cisco Security Advisories that describe 13 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication ["http://tools.cisco.com/security/center/viewErp.x?alertId=ERP-69981"].

BEGIN PGP SIGNATURE

iQJ5BAEBAgBjBQJbq67uXBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50 IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly dEBjaXNjby5jb20+AAoJEJa12PPJBfcz/XQP/isMlb9FU8tSIC0VCDBlUkmkrCEG gMOPfu4spZtLzJH17B8O1ZaQCGD0dJtjTvr7RwDgVTFL9kXKJ/Wfik5LyHXuxAqq NHYYakPtA1JBOS3Mko5Rb5Vf26tBNf/bDIEq/jl/G7BICoYdwZPbINBYi49HjDtE Nga8ROS+5IxUYqC4NXuADCfHqh5OIBdSV4LvGkGfxvWWpUcsACt9Khb8Ffc6jYud RLJwmjxdUxt2qafX8WJ0qB/EYmxgIKqQr38TNUEjIU8t1FvrPmwI7FxQ2y7GBKrf 35sUV9qqMUZSXxdtpyF3HF/X2t+yOqjsKS8kPNXSz49kel23khcFBK+dDhMaypSD xOdsxPfJZ8WG4gvczWZcQ+VDMPVRkmZidmxOLgcaJc8fMJqIzwl6ju5uvI6puY97 rBub1VHqISfldIaS+XlOOBnOtTyiToD2G8+piOyPhe0eYh7Vw04ABAnoYFNrOjCB Nr29Hn5X6QRX94dEr/LKRxhzVQFJPcbq9nIJFvq5JrCmAOg4IpU87WWplurrQVg6 D+C8TY8tQXq0NPlW5zX/w8BwVkgEJx2lSudjek9FJtQJcv6hliY2mlFSGqhiyAgt DCT9Eyx51J1wp3phCUbUs8GFggZ3yXG851EMC4Q64juPeli3r8TjDU479OGi2cVN x01YMBcZJ8PVjuP +=eAvT END PGP SIGNATURE

_______________________________________________ cust-security-announce mailing list cust-security-announce@cisco.com To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com

Original Source

Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...)

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-20 Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Os 2

Nessus® Vulnerability Scanner

Date Description
2018-10-05 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20180926-ipsec-iosxe.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
Date Informations
2018-12-31 17:21:13
  • Multiple Updates
2018-10-05 21:21:50
  • Multiple Updates
2018-09-26 21:19:15
  • First insertion