QID 317094
Date Published: 2021-10-28
QID 317094: Cisco Adaptive Security Appliance (ASA) Software Application Level Gateway v Bypass Vulnerabilities (cisco-sa-natalg-bypass-cpKGqkng)
Multiple vulnerabilities in the Application Level Gateway (ALG) for the Network Address Translation (NAT) feature of Cisco Adaptive Security Appliance (ASA) Software
could allow an unauthenticated, remote attacker to bypass the ALG and open unauthorized connections with a host located behind the ALG.
Affected Products
This vulnerability affected Cisco ASA Software if they were running following vulnerable versions:
Prior to 9.8.4.40
From 9.12 Prior to 9.12.4.18
From 9.13 Prior to 9.14.2.15
From 9.15 Prior to 9.15.1.15
QID Detection Logic (Authenticated):
The check matches Cisco ASA OS version retrieved via Unix Auth using "version" command.
A successful exploit could allow the attacker to open unauthorized connections to the remote host and undertake actions leveraging that host.
Customers are advised to refer to cisco-sa-natalg-bypass-cpKGqkng for more information.
- cisco-sa-natalg-bypass-cpKGqkng -
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng
CVEs related to QID 317094
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| cisco-sa-natalg-bypass-cpKGqkng |
tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-natalg-bypass-cpKGqkng |