PT-2014-5275 · Cisco · Cisco Asa
Publicado
2014-10-08
·
Atualizado
2014-10-12
·
CVE-2014-3385
CVSS v2.0
7.8
Alta
| Vetor | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Cisco ASA Software versions 8.3 through 8.3(2.41)
Cisco ASA Software versions 8.4 through 8.4(7.10)
Cisco ASA Software versions 8.5 through 8.5(1.18)
Cisco ASA Software versions 8.6 through 8.6(1.12)
Cisco ASA Software versions 8.7 through 8.7(1.10)
Cisco ASA Software versions 9.0 through 9.0(4.7)
Cisco ASA Software versions 9.1 through 9.1(4.4)
Description
A race condition in the Health and Performance Monitoring (HPM) for ASDM feature allows remote attackers to cause a denial of service (device reload) via TCP traffic that triggers many half-open connections at the same time.
Recommendations
For Cisco ASA Software version 8.3, update to version 8.3(2.42) or later.
For Cisco ASA Software version 8.4, update to version 8.4(7.11) or later.
For Cisco ASA Software version 8.5, update to version 8.5(1.19) or later.
For Cisco ASA Software version 8.6, update to version 8.6(1.13) or later.
For Cisco ASA Software version 8.7, update to version 8.7(1.11) or later.
For Cisco ASA Software version 9.0, update to version 9.0(4.8) or later.
For Cisco ASA Software version 9.1, update to version 9.1(4.5) or later.
Correção
DoS
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Asa