QID 316998
Date Published: 2021-07-22
QID 316998: Cisco Adaptive Security Appliance Software Release 9.16.1 IPsec Denial of Service Vulnerability (cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC)
A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition.
Affected Products
Cisco products are affected if they are running Cisco ASA Software Release from 9.16.1 and prior to 9.16.1.28 and are configured to support IPsec connections to the device.
Adaptive Security Virtual Appliance (ASAv)
Note: These devices are not vulnerable if Federal Information Processing Standards Publication (FIPS) mode is enabled.
QID Detection Logic (Authenticated):
The check matches the Cisco ASA OS version retrieved via Unix Auth using the "version" command.
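One way to implement the version comparison described above, combined with the IPsec and FIPS conditions from the Affected Products section. This is an added example, not Qualys or Cisco code. It assumes the version banner reads like `Cisco Adaptive Security Appliance Software Version 9.16(1)28`; the function names and sample banners are constructed, and the `ipsec_configured` and `fips_enabled` inputs are hypothetical values the caller must establish from the device configuration.

```python
import re

# Affected range as stated on this page: from 9.16.1, prior to 9.16.1.28.
FIRST_AFFECTED = (9, 16, 1, 0)
FIRST_FIXED = (9, 16, 1, 28)

# Assumed banner format: ASA prints "9.16(1)28"; dotted "9.16.1.28" is also accepted.
_VERSION_RE = re.compile(
    r"Adaptive Security Appliance Software Version\s+"
    r"(\d+)\.(\d+)(?:\((\d+)\)(\d+)?|\.(\d+)(?:\.(\d+))?)"
)

def parse_asa_version(text):
    """Return (major, minor, maintenance, interim), or None if no banner is found."""
    m = _VERSION_RE.search(text)
    if not m:
        return None
    maint = m.group(3) or m.group(5)
    interim = m.group(4) or m.group(6)
    return (int(m.group(1)), int(m.group(2)), int(maint), int(interim or 0))

def assess(version_output, ipsec_configured, fips_enabled):
    """Classify a device; the two flags are caller-supplied (hypothetical inputs)."""
    version = parse_asa_version(version_output)
    if version is None:
        return "unknown"  # never report "not affected" on a parse failure
    if not (FIRST_AFFECTED <= version < FIRST_FIXED):
        return "not affected"
    if fips_enabled:
        return "not vulnerable (FIPS mode)"
    if not ipsec_configured:
        return "not vulnerable (no IPsec)"
    return "vulnerable"

# Constructed sample banners, not captured from a real device.
SAMPLES = {
    "base": "Cisco Adaptive Security Appliance Software Version 9.16(1)\n",
    "interim": "Cisco Adaptive Security Appliance Software Version 9.16(1)3\n",
    "fixed": "Cisco Adaptive Security Appliance Software Version 9.16(1)28\n",
    "older": "Cisco Adaptive Security Appliance Software Version 9.14(2)15\n",
}

if __name__ == "__main__":
    for name, banner in SAMPLES.items():
        print(name, parse_asa_version(banner), assess(banner, True, False))
```

A version-only match, as in the QID logic, corresponds to calling `assess` with `ipsec_configured=True` and `fips_enabled=False`, which is why such a finding still needs the configuration confirmed before it is treated as exploitable.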
A successful exploit could cause the device to crash, forcing it to reload.
Successful exploitation of this vulnerability would not cause a compromise of any encrypted data.
Customers are advised to refer to cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC for more information.
- cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC - tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC
CVEs related to QID 316998
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC | | | |