CVE-2015-0742

Name of the Vulnerable Software and Affected Versions Cisco Adaptive Security Appliance (ASA) Software versions 9.2(0.0) through 9.4(0.115) Cisco Adaptive Security Appliance (ASA) Software versions 100.13(0.21) through 100.14(1.1)

Description The issue is related to the Protocol Independent Multicast (PIM) application in Cisco Adaptive Security Appliance (ASA) Software, which does not properly implement multicast-forwarding registration. This allows remote attackers to cause a denial of service (forwarding outage) via a crafted multicast packet. The vulnerability can be exploited by an unauthenticated, remote attacker to disrupt the multicast traffic forwarding on the affected device via a denial-of-service (DoS) attack.

Recommendations For Cisco Adaptive Security Appliance (ASA) Software versions 9.2(0.0) through 9.4(0.115), update to a fixed version to resolve the issue. For Cisco Adaptive Security Appliance (ASA) Software versions 100.13(0.21) through 100.14(1.1), update to a fixed version to resolve the issue. As a temporary workaround, consider restricting access to the PIM application to minimize the risk of exploitation.